C3 has merged with Ingalls Read Press Release >>

Everything You Need to Know About the Krack WiFi Vulnerability

If you use WiFi, you’re vulnerable to cyber attack. (No, we’re not kidding.)

A 13-year-old vulnerability was just discovered in the security that protects WiFi networks, and it’s somehow gone unnoticed until now. So if you own a WiFi-enabled device, you’re at risk.

This security flaw could allow hackers to steal your credit card details, private messages, photos, and more—all they need is to be within physical range of your wireless network or any WiFi network you connect to.

Referred as KRACK attack (short for “key reinstallation attack”), this vulnerability was found in the WPA2 security protocol (used by nearly every WiFi router). It tricks the client into reinstalling a key that is already in-use, and can decrypt sensitive data.

And right now, all WiFi networks are unpatched.

That means you’re vulnerable on any major OS, including Android, Apple, Windows, and Linux. Experts are saying that Android users are the most at-risk, with 41% of devices labeled “easy to hack”.

The worst part? Vendors were first warned about it back in July, so they had time to prepare patches before it was publicized. But we haven’t seen much yet.

So, how can I protect my data?

Great question you just asked. Right now, there are two things you can do.

1. Encrypt your data whenever possible.

If you use HTTPS when browsing the web, your data cannot be intercepted by hackers. For sensitive communications like banking, email, and shopping, only use websites that enforce HTTPS.

2. Keep all devices up-to-date.

Whenever an update becomes available on any WiFi-enabled device, do it as soon as you can. This includes your router’s firmware, as well as your laptops, phones, and tablets. Chances are, these updates contain patches that can help protect you from attackers.

Contact us to learn how Steel Root can automatically keep all of your devices up-to-date with the latest security patches.

It’s more important than ever to take the extra steps to ensure you’re secure. If you’re worried about your data, need a hand, or have any questions about this vulnerability, let us know.