Widespread Security Flaw Leaves Wi-Fi Networks Open to Attack

Photo by Eugenio Marongiu / Shutterstock.com

A fundamental flaw has been discovered in the security layer that protects Wi-Fi networks.

As a result, it is possible for hackers to intercept information you transmit over a Wi-Fi connection.

This vulnerability in the security layer known as Wi-Fi protected access II, or WPA2, was discovered by Mathy Vanhoef, a researcher at Belgian university KU Leuven. He explains on his website devoted to the issue:

“This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”

The CERT Division of the Software Engineering Institute at Carnegie Mellon University — which is sponsored by the U.S. Department of Homeland Security — also issued a notice about the WPA2 vulnerability Monday.

How hackers can exploit devices

Attackers could exploit the WPA2 weakness using what’s known as a key reinstallation attack, or KRACK, if they are within range of your Wi-Fi network.

As Alan Woodward, a professor in the Department of Computer Science at England’s University of Surrey, explains it to the BBC:

“When any device uses Wi-Fi to connect to, say, a router it does what is known as a ‘handshake’: It goes through a four-step dialogue, whereby the two devices agree [on] a key to use to secure the data being passed (a “session key”). This attack begins by tricking a victim into reinstalling the live key by replaying a modified version of the original handshake. In doing this a number of important set-up values can be reset, which can, for example, render certain elements of the encryption much weaker.”

Vanhoef notes that all modern protected Wi-Fi networks use this four-way handshake. So, any device that supports a Wi-Fi connection is most likely affected by this vulnerability. For example, his research found that Android, Apple, Linux and Windows devices, among others, are at risk.

What you should know and do about the WPA2 weakness

The security flaws Vanhoef discovered are in the WPA2 standard itself rather than individual products. That is why any Wi-Fi-enabled device is most likely impacted. It is also why experts, including Vanhoef and CERT, are urging folks to update their devices with the latest available security patches. That includes laptops and smartphones as well as routers. CERT’s note says:

The WPA2 protocol is ubiquitous in wireless networking. Users are encouraged to install updates to affected products and hosts as they are available. For information about a specific vendor or product, check the Vendor Information section of this document or contact the vendor directly.

Forbes reports that Microsoft has already issued a patch, while Cisco and Intel have issued security advisories.

A spokesperson for Google, which developed the Android operating system, told Forbes, “We’re aware of the issue, and we will be patching any affected devices in the coming weeks.”

The Wi-Fi Alliance, which represents the Wi-Fi industry, also notes that “there is no evidence that the vulnerability has been exploited maliciously.”

What’s your take on this news? Sound off below or over on our Facebook page.

Disclosure: The information you read here is always objective. However, we sometimes receive compensation when you click links within our stories.

Read Next
7 Ways to Save Money Without Trying
7 Ways to Save Money Without Trying

Saving money doesn’t always mean drudgery and sacrifice. These tools make it easy — sometimes even fun.

5 Surveys For Money Sites To Get Paid For Your Opinion
5 Surveys For Money Sites To Get Paid For Your Opinion

Yes, you can earn extra cash by taking online surveys. But some websites are better than others for this. Here are a few of our favorites.

These 13 States Tax Social Security Income
These 13 States Tax Social Security Income

Uncle Sam is not the only one looking for a piece of your retirement income. Is your state on this list?

How to Invest in Real Estate for as Little as $500
How to Invest in Real Estate for as Little as $500

If stock market volatility has you looking for other investment options, here’s a way to diversify — even if you don’t have tons of money.

5 Reasons You Should Claim Social Security ASAP
5 Reasons You Should Claim Social Security ASAP

Experts often recommend postponing claiming your Social Security retirement benefits. But there are situations in which you should start taking the money sooner.

View this page without ads

Help us produce more money-saving articles and videos by subscribing to a membership.

Get Started

Most Popular
10 Things Frugal People Never Buy
10 Things Frugal People Never Buy

If you’re a true tightwad, the mere thought of spending money on these items gives you the willies.

10 Useless Purchases You Need to Stop Making
10 Useless Purchases You Need to Stop Making

You might as well flush your money down the loo if you spend it on these things.

7 Social Security Rules Everyone Should Know by Now
7 Social Security Rules Everyone Should Know by Now

Confusion over Social Security is a shame, considering how many of us will need this money badly.

9 Shopping Mistakes to Avoid at Costco
9 Shopping Mistakes to Avoid at Costco

Are you missing out on serious savings at your favorite warehouse club?

If You Find This Thrift Shopping, Buy It
If You Find This Thrift Shopping, Buy It

They don’t make coffee makers like this anymore.

The 16 Cars Most Likely to Last 200,000 Miles
The 16 Cars Most Likely to Last 200,000 Miles

One automaker takes half the spots on a list of the longest-lasting vehicles.

14 Things You Should Stop Buying in 2021
14 Things You Should Stop Buying in 2021

These convenient household products come with hidden costs that you might not have considered.

3 Ways to Get Microsoft Office for Free
3 Ways to Get Microsoft Office for Free

With a little ingenuity, you can cut Office costs to zero.

Is Writing a Check Still Safe?
Is Writing a Check Still Safe?

Every time you pay by check, you hand your bank account numbers to a stranger.

6 Ways to Protect Your Retirement Accounts From Hackers
6 Ways to Protect Your Retirement Accounts From Hackers

Imagine having $245,000 stolen from your retirement account — and not being reimbursed.

8 Things You Should Replace to Improve Your Life Today
8 Things You Should Replace to Improve Your Life Today

Being frugal isn’t smart if you put off replacing these items.

This Is the Most Dependable Car Brand in the U.S.
This Is the Most Dependable Car Brand in the U.S.

This brand’s vehicles are least likely to give drivers repair headaches, according to J.D. Power.

7 Social Security Benefits You May Be Overlooking
7 Social Security Benefits You May Be Overlooking

There’s more to Social Security than retirement benefits.

13 Amazon Purchases We Are Loving Right Now
13 Amazon Purchases We Are Loving Right Now

These practical products make everyday life a little easier.

7 Hidden Sections of Amazon Every Shopper Should Know
7 Hidden Sections of Amazon Every Shopper Should Know

These little-known departments of Amazon are gold mines for deal-seekers and impulse shoppers alike.

7 Income Tax Breaks That Retirees Often Overlook
7 Income Tax Breaks That Retirees Often Overlook

Did you realize all these tax credits and deductions exist — or that they apply to retirees?

The 6 Best Investing Apps for Beginners
The 6 Best Investing Apps for Beginners

If you’re looking to ease into investing in the coronavirus economy with just a little money, check out these easy-to-use tools.

7 Kirkland Signature Items to Avoid at Costco
7 Kirkland Signature Items to Avoid at Costco

Even if it seems you save a bundle buying Costco’s Kirkland Signature brand products, they may not be the bargain they appear to be.

Homeowners Say These 2 Kitchen Appliance Brands Are Best
Homeowners Say These 2 Kitchen Appliance Brands Are Best

One brand takes five of the top honors, while another ranks highest in three categories.

View More Articles

View this page without ads

Help us produce more money-saving articles and videos by subscribing to a membership.

Get Started

Add a Comment

Our Policy: We welcome relevant and respectful comments in order to foster healthy and informative discussions. All other comments may be removed. Comments with links are automatically held for moderation.