Many of you will have seen on the TV News, or on news websites, that there is a new hack, called KRACK, targeting secure Wifi networks. As is usual with the news media, things aren’t quite as bad as they appear but there are still things to be aware of in order to stay safe.
Although some Wifi routers and access points are vulnerable to this hack, it appears at this stage that devices, particularly Android devices, are the most vulnerable and, thus, the main target. The basis of this hack is that once implemented, the attacker is able to view all data transmitted over the compromised wireless network. However, there are a couple of important points to note to put this in perspective.
1. Any attacker needs to be within range of your wireless device(s) in order to carry out this attack.
2. Encrypted data (any HTTPS website, for instance) is still encrypted and, thus, unreadable by the attacker.
Be very wary of “free” Wifi access (public events, shopping malls, restaurants, cafes etc.)
Always use HTTPS when browsing the web when possible. There is a web browser extension called HTTPS Everywhere which we recommend. There are others which do the same job.
1. Review the security on your corporate and home Wifi networks.
2. Keep all devices up to date as recommended by the supplier / manufacturer.