Easy fix for the WPA2 flaw that threatens Wi-Fi security

  • 17th Oct, 2017

Belgian scientists have found a critical flaw in the WPA2 encryption standard which is being used by pretty much every Wi-Fi network. Due to the severity of this discovery, it even made it to the mainstream media headlines: BBC, Wired. The so-called “Krack” attack targets new connections during their initialization in order to reduce the encryption strength. Even the use of a long and complex Wi-Fi password, which has so far been regarded good enough to keep your data safe, can leave you exposed to hacker attacks.

How can I protect my Wi-Fi from the “Krack” attack?

After the public disclosure of the vulnerability, the hardware manufacturers will now need to provide patches for their devices. Because the attack targets terminal devices (PCs, smartphones, tablets etc.) as well as Internet routers and access points, this will be an enormous task. From experience with other vulnerabilities in the past, we can tell that the process is going to be very long. Many older devices might even not receive patches at all and will remain insecure. Unless all devices on your home Wi-Fi network have been patched, you should always consider the possibility that a hacker within Wi-Fi range could be eavesdropping on your connection.

These quick fixes can help you secure your data:

    • Use an Ethernet cable instead of Wi-Fi
      This method does of course not work for many mobile devices like smartphones. It is, however, a very easy fix to implement for PCs and laptops
    • Pay attention to https encryption when entering private data on websites
      Https additionally encrypts your data, so that even a hacker in your Wi-Fi network won’t be able to read them. Many websites already use https by default. Browser plugins such as https everywhere allow you to use https on websites that do not offer this feature by default.
    • Use a VPN and/or Tor
      VPN and Tor connections add an additional layer of encryption, similar to https. However, in contrast to https, they do this for all data entering or leaving your device, not just for a specific website.

Shellfire VPN users can relax. As long as your VPN connection is established, you can even use unencrypted and compromised Wi-Fi networks safely!