WPA2 Encryption Now Vulnerable
As we’ve covered in earlier Cyber Security posts, there are many hacks and security breaches floating around the world wide web, but this one is pretty big.
This past Monday was labeled “Black Monday” by many cyber security circles across the web.
According to CBS New York, “Researchers in Belgium uncovered a flaw in Wi-Fi security that makes every device you use on Wi-Fi vulnerable to cyber attacks. It could be the mother of all security breaches.”
The tech industry has been sent scrambling to deal with the “Krack Attack” Wi-Fi WPA2 Encryption vulnerability that will affect most wireless devices worldwide. Even IoT (Internet of Things) devices may be affected.
You may or may not be aware of this, but you most likely use Wi-Fi with WPA2 encryption to keep your data secure. With this security vulnerability, millions of networks out there are less secure than previously thought. And now that the problem has been made public, the number will increase significantly. Hackers who were previously in the dark about this hack will now utilize this most recent vulnerability for their own nefarious purposes.
So what can you do?
Definately make sure your software is up to date, including operating systems and malware / anti-virus applications.
Use a hardwired connection rather than Wi-Fi whenever possible until your devices have been updated to correct the security flaw.
This will work just fine for desktop operation where an Ethernet cable is within reach. If you're connected to your router via Wi-Fi, find an Ethernet cable and connect directly to the network. Don’t forget to turn off Wi-Fi on your personal computer. You'll get better performance AND while the world of hack prevention scrambles to secure this new hole, you (and your business) won't have to worry about it.
What about Wi-Fi on your smartphone?
Unfortunately, this security issue also affects an estimated 6.1 billion smartphone users.
Thankfully, client to website encryption is still viable. When you access websites through your smartphone, a security feature called SSL may be encrypting your transmission.
It’s the "s" in https:// that indicates the site you're viewing is SSL secure. If you notice that there is no "https" in the address bar or that there is just "http" in the address bar, ask yourself if you really need to be on this site. If not, close that browser tab.
If your Wi-Fi link has been mirrored, all of your information (passwords, usernames, etc.) could be processed by a third-party.
If you have to use Wi-Fi, avoid websites that do not use https:// at the beginning of their URL.
If you have a question or topic you would like us to cover, please send us a message.