Dear Reader,
As of 2017, there are 3.74 billion internet users in the world, and the majority of these people use Wi-Fi to connect to the internet — whether it’s a home, business or public network.
Now, as most of you know, public Wi-Fi is incredibly susceptible to hackers. I don’t recommend using it unless you’re also using a VPN (virtual private network). But most people feel pretty safe using their own personal Wi-Fi connection at home or work, right?
If you’re one of those people, here is a good reason you should be a little more careful — no matter what wireless network you are connected to.
The Key to the Kingdom
Last Monday, a new cyberattack called “Krack” (short for key reinstallation attack) was revealed. This hack actually targets wireless routers, not individual devices, which means ANY Wi-Fi-enabled device is at risk. It exploits a flaw in the WPA2 (Wi-Fi Protected Access 2) security protocol, which is the current security standard for routers.
Here’s how the hack works: During the process of connecting your device to the Wi-Fi network, an encryption key is exchanged between the two. Krack tricks you into installing this encryption key, and if a hacker managed to collect the key, they would easily be able to access your wireless network.
The scary thing is there’s really no device that is safe from hackers when it’s connected to Wi-Fi. The silver lining is that a hacker would have to be within range to connect to the Wi-Fi network. In other words, you don’t have to worry about some guy in Russia hacking into your Wi-Fi using this method.
But of course, you’re probably thinking, How does this truly affect me?
Well, the reality is that once a hacker has access to your wireless network, they can see all the information you send over it. Essentially, this is just as unsafe as using a public Wi-Fi network with no security encryption at all. You would be inadvertently sharing your passwords, credit card information and everything else you do online.
To make matters worse, since hackers could see what websites you are browsing in real-time, they could add code to those websites that would infect your computer with malware.
Since pretty much everyone is vulnerable to this attack, here are a few ways you can protect yourself and avoid falling victim to the Krack attack:
1. Keep your devices up to date.
Anytime there is a new cyber threat, every major software company immediately begins working on software patches to update their security to protect users. This is why you should always check for the latest software updates on every device you connect to a wireless network.
Here’s something else to keep in mind: Even when people remember to update their devices, they often forget to see if there are any updates for their actual routers. Companies like Netgear and Intel have already released security patches for their products to protect them from this most recent attack.
2. Use a VPN.
You’ve heard me mention this before, but I cannot stress enough how critical it is to use a VPN. No matter how you connect to the internet, you should always use a VPN to keep hackers from spying on you and getting their hands on your personal information.
Be sure to use a reputable VPN service such as TunnelBear (which is what I use). While more and more companies offer a free VPN, the service is typically slower, and from what I’ve seen, the free services are not always the most secure.
Personally, I wouldn’t go cheap when it comes to VPN services. That being said, TunnelBear is very reasonable and it gives me everything I need to browse the internet safely.
3. Get an Ethernet cable.
If you want to be extra cautious, you could use a hard-wired Ethernet connection to get internet access. Obviously, this is easier to do at home or at work than when you are out and about, but it’s one way to guarantee you will be safe from this cyberattack.
As I mentioned earlier, no device is safe from this hack since it is designed to affect the wireless security protocol. In the next few weeks, stay on the lookout for software updates for all your devices — these will hopefully also include security updates to protect you from the effects of Krack.
Stay safe,
Jason Hanson