Last fall, news broke of a new hack affecting Wi-Fi-enabled devices. Dubbed Krack (for key reinstallation attack), this cyberattack was unique because it specifically targeted the current industry standard cryptographic protocol: WPA2 (Wi-Fi Protected Access 2).
The way it works is by attacking the setup connection between your device and the wireless network. Basically, Krack lets hackers see the encryption key sent between the network and your device during the authentication process. It also allows them to manipulate this step so you end up reinstalling an encryption key that is already in use.
(Encryption keys are made up of algorithmically generated, one-time-use random numbers. For your security, they are not designed to be reusable.)
It’s important to note that a criminal has to be within range of a particular wireless network to carry out this attack. But considering how common Wi-Fi-enabled devices are, it would be incredibly easy for a hacker to set up shop in an airport or a busy coffee shop and have a field day.
By putting every single Wi-Fi-enabled device at risk, this cyberattack exposed a serious problem in the way we currently connect to the internet. And unfortunately, there isn’t any easy fix.
In the wake of the Krack attack, tech companies simply advised customers to install the latest security patches and update all their devices as soon as the flaw was discovered. Some people went to more extreme measures and stopped using Wi-Fi altogether. Instead they plugged their devices directly into their router to access the internet.
You may be surprised to learn that WPA2 encryption has been around for about 15 years. Now, tech security leaders realize it’s time to update the way we connect to online networks.
Within months of the Krack’s discovery, the Wi-Fi Alliance — a group of tech industry leaders including Apple, Microsoft and Cisco — announced they are working on the next generation of Wi-Fi access encryption protocol. Not surprisingly, it will be called WPA3.
Wi-Fi: The Next Generation
In the not-too-distant future, expect to see WPA3 encryption become the new standard in how we connect to the internet. By default, WPA3 will protect against Krack. It will also make it easier to connect to the internet with devices such as smart watches and home automation systems.
Not only will the new standard keep your home network more secure, but it will make it safer to use public Wi-Fi. Like WPA2 is supposed to do, WPA3 will employ a unique encryption code for each individual who accesses the network.
Plus, the WPA3 system will alert the network administrator if someone tries to access the network by guessing the password. In addition, WPA3 will include security features to prevent brute-force attacks as well as higher security for government users.
As with any major change to technology, it will take a good amount of time before WPA3 takes over as the new standard for most Wi-Fi systems. Basically, it could be years before it is as common as WPA2 is today. Until then, WPA2 is still being updated to protect users — even though a new protocol is in the works.
In order for WPA3 to become the default protocol, wireless devices must be able to support the new encryption standard. Which means companies will have to come out with new electronics that are compatible with WPA3. This is another reason it may take a while before all your devices and routers are using this more secure connection.
How to Protect Yourself Now
In the meantime, be sure to regularly update your devices with the latest security patches. Be especially cautious when using public Wi-Fi. If you haven’t already, download a virtual private network (VPN) to use when you connect to a public network.
According to Zouhair Belkoura, CEO and co-founder of Keepsafe Software, “Since a virtual private network creates a tunnel that encrypts your personal information and browsing activity, anyone using a reputable VPN is safe from a Krack attack. However, the key word here is “reputable.”
The VPN I use is TunnelBear. They offer a secure service at a reasonable price and — most importantly — they don’t log my internet activity. Plus, it’s always on and if my connection gets disrupted, TunnelBear will block all unsecured traffic until it’s safely reconnected. Click here for a free trial and see for yourself.
And as always…
Editor, Spy & Survival Briefing