Since the rise of the Internet, hackers, developers, scientists, engineers and informatics wizards worked to develop new software options, apps, programs, web pages, all kinds of sites, and many useful things to help improve the online experience for the average user. Most of these things can be considered positive for the Internet landscape.
However, not everything is roses and daisies. The viruses, worms, Trojan horses, malware, identity theft, scams, credit card cloning and illegal use, and other threats have also existed for a long time, reminding people from all places and of all ages that the use of Internet needs to be performed with security measures, awareness, and tools.
One of the newest risks of using the Internet, at least wireless connections, is the KRACK vulnerability. It is a security breach at the WPA2 encryption level, which is the most commonly used in Wi-Fi in our current online landscape. You need to know how the vulnerability works, why you are under threat, how can you do to protect what you value and which are the companies, be it hardware or software, that have made further strides in releasing security patches to solve the crack in WPA2.
The risks of connecting to a free Wi-Fi network
By now, almost every Internet user is familiar with what Wi-Fi is and what it means. After all, the wireless connection is highly sought after by users to implement in their home networks, in work, and in other scenarios and situations. Free Wi-Fi, precisely, is especially popular because it allows people to connect to their social media outlets or send emails, watch videos, and do other stuff without having to pay a dime.
But connecting to public networks comes with significant risks. When people do it, they leave critical data and information available for everyone, such as their IP address, which is their online identity and one of the ways hackers can use to track you and incur in data theft. They can steal your credit card number, your browsing history, your usernames and passwords to essential pages and services, and many more things.
Also, the KRACK vulnerability, in particular, can leave holes in your online protection, and if the person on the other side of the curb has the proper skills and equipment, it can inject malware and viruses in your device. Connecting to a free Wi-Fi can be free of charge at first glance, but if you put everything in perspective, you can wind up spending a lot of money.
What is the KRACK vulnerability?
Named “Key Reinstallation Attack” and later shortened to KRACK, the vulnerability consists of a security breach in the Wi-Fi Protected Access 2 (WPA2) level. The WPA2 is a security encryption protocol known for being the most widely used in our society as of today. What this “crack” means is that people connected to Wi-Fi all over the world can be at risk of data theft, malware injection, and other “hacking” activities.
Public, free Wi-Fi hotspots are the ones that imply the most risk because of there are more people that can see your IP address and other crucial data about your connection. Hackers need to be close to the Wi-Fi connection to successfully “crack” it because he requires the password. The KRACK vulnerability does not work if the intention of the person is obtaining a Wi-Fi network’s password, but if the hacker gets it and enters the system, everybody is in danger.
Now, after these events, the WPA2 is in grave danger of suffering the same fate of the WEP protocol, widely used at the beginning of the new century, but now out of date and the users’ circle of trust after a series of breaches back then. It was replaced by the WPA and the WPA2, and now both are currently at risk.
How can you protect yourself from the crack in WPA2?
The Wi-Fi Alliance, router developers and other technology equipment vendors, such as Apple, Google, Toshiba, Intel, Cisco, and much more, are currently working to develop security “patches” to solve the KRACK vulnerability in their respective fields. Some of them have already claimed substantial success, as is the case for Apple, but other, such as Android, still have a lot of work to do.
To protect yourself from getting your WPA2 cracked, you can take a series of measures and steps. However, you need to know that no one is 100% protected from the breach just yet, and you need to be careful on your online interactions out there.
Connect through HTTPS
If you go to a site that uses HTTPS, your server uses a certificate to prove the website’s identity to browsers. The HTTPS (Hyper Text Transport Protocol Secure) is an online tool that allows users to browse the web securely, unlike the Hyper Text Transport Protocol, or HTTP.
The HTTPS will allow users of a public Wi-Fi network to share data and traffic with websites and services in a secure way, dodging the threat of hackers for the most part. To get HTTPS, you can install the HTTPS Everywhere extension in Opera, Google Chrome, and Firefox. This measure is widely used in online stores such as Amazon to make purchases and transactions more secure.
Use Ethernet to avoid going Wireless
An Ethernet cable is a perfect way to avoid the dangers of a wireless connection. You can trade a little mobility for protection of your most valuable assets. All you need is your Ethernet cable, but you should know that this method does not apply to smartphone or tablet users, just laptops.
Update your router’s firmware
This is one of the best things you can do to avoid cracks in WPA2. Remember, private connections are not entirely immune to the KRACK vulnerability, and keeping your firmware updated when it comes to security patches for all your devices is an excellent idea.
Your router’s device latest patch will probably have protection against the KRACK vulnerability because most providers are active in this regard. If you fail to get the most recent patch, or your Internet Service Provider (ISP) doesn’t have it, you need to consider switching ISP.
Use a quality VPN service
With a Virtual Private Network provider, such as TorGuard, IPVanish or Private Internet Access, you can hide from hacker’s attacks because your IP address will remain hidden and you will borrow a new one for your online sessions using a public Wi-Fi.
VPNs use stronger encryption protocols to make sure there are more security layers than the WPA2 when you establish a connection to a Wi-Fi network. However, you need to be careful with the provider you select, because some of them, especially the free ones, can sell your traffic to whoever agent may need it.
|PRICE||$5 for 1 month with code "best10VPN"||$6.95 a month|
|24/7 Live Chat|
|Residential / Dedicated IP for permanent streaming access|
|Has Mobile App + PC / Mac Support|
|Stealth VPN / Advanced Obfuscation techniques|
|Visit VPN Provider||Visit TorGuard||Visit PIA|
Use your data plan
If you want to protect your digital assets, such as passwords, photos, videos, and credit card information, you can opt for connecting to your data plan to gain Internet access instead of doing it in unknown Wi-Fi hotspots. This way you can avoid the crack at the WPA2 encryption level and enjoy a safer browsing session.
Avoid public Wi-Fi connection
Private Wi-Fi connection users are not entirely out of the woods yet, but they are significantly safer than public hotspots. In those, you share critical information about your connection with hundreds or maybe thousands of other people, and if you have to use a public Wi-Fi, do it with an Ethernet cable or using a VPN.
Establish a secure password to your Wi-Fi network
You can set up a very long and tricky password to make hackers’ job more difficult. In the end, however, if they get it, you are in danger, but why not put up a fight if you can? A robust password may complicate matters a little bit more for them.
Which companies are further along in the patches development?
The following companies are taking matters into their own hands with considerable effectiveness in developing patches to protect their users from the KRACK vulnerability:
- Espressif systems
- FreeBSD project
- Ubiquiti Networks
- Wi-Fi Alliance
- Wi-Fi Standard