Wi-Fi security flaw gives hackers access to your device
In a first-of-its-kind warning, some cyber-security experts are urging people to stay off Wi-Fi networks, even the one in your home and at work.
A serious vulnerability in the WPA2 security of most all Wi-Fi routers has been discovered that makes it easy for a hacker to gain access to data, passwords, email, bank and credit card numbers and anything else stored on a computer or device, as well as anything those devices are sending to the internet.
Cyber-security expert Mathy Vanhoef at Belgian university KU Leuven discovered a weakness in the security protocol WPA2 that affects what most call the “handshake” between devices and
a Wi-Fi internet connection.
That “handshake” is what encrypts data being sent to the network and the data going back to the device. Vanhoef published details of the flaw Monday. What this means is that the Wi-Fi you are using is not safe from hackers and affects every Wi-Fi router in the country. If a laptop, smartphone or tablet is connected to the internet and the operating systems they use are vulnerable to attacks.
A hacker can use a go-between device so that the victim thinks they’re connecting to the Wi-Fi network but are actually connecting to the hacker’s hot spot. Of particular worry is newer Android devices. Cyber-security firms around the world are investigating what is being called a global weakness to Wi-Fi systems.
What can you do to protect yourself? Stay off of public wifi networks found in coffee shops, restaurants, libraries, airports and any other places that provide free Wi-Fi. Businesses should also update their network Wi-Fi routers as those are susceptible as well. Even the Wi-Fi router you have in your home can be hacked.
Of particular worry are personal Wi-Fi networks in apartment complexes. To take advantage of the flaw a hacker must be in close proximity to the router; close enough to act as that go-between.
Update your Wi-Fi router. Many of the companies who make routers are releasing security updates. If you do not know how to update your router, leave it plugged in. Many routers are set to install updates when they are available automatically.
Also, update your devices. Smartphones, tablets and laptops should be getting updates soon.
Windows has announced a new update to patch the vulnerability. Apple announced the Wi-Fi vulnerabilities have been patched in iOS, MacOS, tvOS and watchOS.
Use a VPN, or Virtual Private Network, which encrypts computer IP addresses. Linux and Android devices are especially vulnerable to attacks.