The rule of thumb about securing Wi-Fi network is to set up WPA2 security protocol with a hard to guess password. Most modern Wi-Fi networks use this security protocol to keep you safe online. It has now emerged that WPA2 protocol can be overridden by a new exploit KRACK.
How KRACK works
KRACK is short for Key Reinstallation Attack. As it works out, whenever you connect a new device to your Wi-Fi network, a sort of 4-way handshake takes place to ensure the correct password is used.
Security experts have now learned that the handshake can be manipulated and allow attacker see and decrypt data flowing through your Wi-Fi network. The attacker doesn’t even need to know the Wi-Fi password, more geeky information about it at this link.
Once the attacker has accessed your network using this exploit, they can not only see the data being transmitted, they can also inject malicious data into your network; they can infect it with ransomware and other malware. They can also infect websites you visit; that has been established for site using HTTP security, HTTPS sites should be safe from the infection.
How do I protect myself from KRACK?
#1 – Keep your devices updated
Whether it is a Windows PC, Mac, Android, Linux, and iOS among others. Always ensure your device is updated; especially the security updates. Do not forget to keep your router as well updated. Check with the router manufacturer’s website for any firmware updates rollout.
However, the reality is that most Android devices don’t get updates in time; if at all they do get. Another major risk is smarthome devices, and may end up serving as botnet for malware. Generally, it is advisable you keep an eye for any update issued for any of the Wi-Fi devices connected to your home network.
#2 – Keep yourself safe online
While you wait for KRACK security update to be issued; although for some devices, the update will never come. Try to keep yourself safe online by restricting web pages you visit are of a HTTPS-secured websites. Under no circumstances should you give sensitive information online. Do all you banking, and emailing among others sensitive stuff only on websites that are HTTPS secured.
#3 – Change the Router settings from the default
There is a good chance you using a router that will never get the patch, and it doesn’t mean you should expose yourself to the attacks. An attacker could use KRACK attack on your network and using the default settings of your router using the SSID and password it came with it to log into the router.
To protect yourself from that, change your Router settings from the default and make sure you are using WPA2 with AES encryption. You will also need to disable router features as as the WPS and UPnp.
#4 – Run your Antivirus and Anti-Malware regularly
Well this is a no brainer; you should alway run your antivirus and anti-malware on a regular basis. You also need to ensure you are running a good antivirus and anti-malware software. Check out our list of the best antivirus for Windows at this link.