Widespread Security Flaw Leaves Wi-Fi Networks Open to Attack

Photo by Eugenio Marongiu / Shutterstock.com

A fundamental flaw has been discovered in the security layer that protects Wi-Fi networks.

As a result, it is possible for hackers to intercept information you transmit over a Wi-Fi connection.

This vulnerability in the security layer known as Wi-Fi protected access II, or WPA2, was discovered by Mathy Vanhoef, a researcher at Belgian university KU Leuven. He explains on his website devoted to the issue:

“This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”

The CERT Division of the Software Engineering Institute at Carnegie Mellon University — which is sponsored by the U.S. Department of Homeland Security — also issued a notice about the WPA2 vulnerability Monday.

How hackers can exploit devices

Attackers could exploit the WPA2 weakness using what’s known as a key reinstallation attack, or KRACK, if they are within range of your Wi-Fi network.

As Alan Woodward, a professor in the Department of Computer Science at England’s University of Surrey, explains it to the BBC:

“When any device uses Wi-Fi to connect to, say, a router it does what is known as a ‘handshake’: It goes through a four-step dialogue, whereby the two devices agree [on] a key to use to secure the data being passed (a “session key”). This attack begins by tricking a victim into reinstalling the live key by replaying a modified version of the original handshake. In doing this a number of important set-up values can be reset, which can, for example, render certain elements of the encryption much weaker.”

Vanhoef notes that all modern protected Wi-Fi networks use this four-way handshake. So, any device that supports a Wi-Fi connection is most likely affected by this vulnerability. For example, his research found that Android, Apple, Linux and Windows devices, among others, are at risk.

What you should know and do about the WPA2 weakness

The security flaws Vanhoef discovered are in the WPA2 standard itself rather than individual products. That is why any Wi-Fi-enabled device is most likely impacted. It is also why experts, including Vanhoef and CERT, are urging folks to update their devices with the latest available security patches. That includes laptops and smartphones as well as routers. CERT’s note says:

The WPA2 protocol is ubiquitous in wireless networking. Users are encouraged to install updates to affected products and hosts as they are available. For information about a specific vendor or product, check the Vendor Information section of this document or contact the vendor directly.

Forbes reports that Microsoft has already issued a patch, while Cisco and Intel have issued security advisories.

A spokesperson for Google, which developed the Android operating system, told Forbes, “We’re aware of the issue, and we will be patching any affected devices in the coming weeks.”

The Wi-Fi Alliance, which represents the Wi-Fi industry, also notes that “there is no evidence that the vulnerability has been exploited maliciously.”

What’s your take on this news? Sound off below or over on our Facebook page.

Disclosure: The information you read here is always objective. However, we sometimes receive compensation when you click links within our stories.

Read Next
How to Avoid Being Surprised by 7 Nasty Expenses
How to Avoid Being Surprised by 7 Nasty Expenses

Major expenses are difficult to predict, but there are ways to make sure you’re protected.

7 Secret Departments of Amazon You Should Know About
7 Secret Departments of Amazon You Should Know About

These little-known sections of Amazon are hidden gems for deal-seekers and impulse shoppers alike.

Have You Heard of This Best Place to Retire in 2020?
Have You Heard of This Best Place to Retire in 2020?

The best place to retire in America is one you likely are not familiar with.

15 Products You Need — Even If You Didn’t Know It
15 Products You Need — Even If You Didn’t Know It

Discover some must-have products on Amazon that you didn’t even know you were missing.

14 Uses for WD-40 That Save Money, Time or Headaches
14 Uses for WD-40 That Save Money, Time or Headaches

WD-40 is handy in a lot more situations than you likely realize.

View this page without ads

Help us produce more money-saving articles and videos by subscribing to a membership.

Get Started

Most Popular
9 Things You’ll Never See at Costco Again
9 Things You’ll Never See at Costco Again

The warehouse store offers an enormous selection, but these products aren’t coming back.

11 Things Retirees Should Always Buy at Costco
11 Things Retirees Should Always Buy at Costco

This leader in bulk shopping is a great place to find discounts in the fixed-income years.

Over 50? The CDC Says You Need These 4 Vaccines
Over 50? The CDC Says You Need These 4 Vaccines

Fall is the time to schedule vaccines that can keep you healthy — and even save your life.

11 Senior Discounts for Anyone Age 55 or Older
11 Senior Discounts for Anyone Age 55 or Older

There is no need to wait until you’re 65 to take advantage of so-called “senior” discounts.

11 Household Items That Go Bad — or Become Dangerous
11 Household Items That Go Bad — or Become Dangerous

When you get the impulse to stockpile these everyday items, pay close attention to their expiration dates.

8 Things You Can Get for Free at Pharmacies
8 Things You Can Get for Free at Pharmacies

In this age of higher-priced drugs and complex health care systems, a trip to the pharmacy can spark worry. Freebies sure do help.

These Are the 4 Best Medicare Advantage Plans for 2020
These Are the 4 Best Medicare Advantage Plans for 2020

Medicare Advantage customers themselves rate these plans highest.

7 Ways to Boost Your Credit Score Fast
7 Ways to Boost Your Credit Score Fast

Your financial security might soon depend upon the strength of your credit score.

The 10 Most Commonly Stolen Vehicles in America
The 10 Most Commonly Stolen Vehicles in America

A new model parks atop the list of vehicles that thieves love to pilfer.

19 High-Paying Jobs You Can Get With a 2-Year Degree
19 High-Paying Jobs You Can Get With a 2-Year Degree

These jobs pay more than the typical job in the U.S. — and no bachelor’s degree is required.

The 15 Worst States for Retirees in 2020
The 15 Worst States for Retirees in 2020

Based on dozens of metrics tied to affordability, quality of life and health care, these are not ideal places to spend retirement.

5 Ways to Get Amazon Prime for Free
5 Ways to Get Amazon Prime for Free

Hesitant to drop $119 a year on an Amazon Prime membership? Here’s how to get it for free.

10 Reasons Why You Should Actually Retire at 62
10 Reasons Why You Should Actually Retire at 62

If you can, here are several good reasons to retire earlier than we’re told to.

3 Ways to Get Microsoft Office for Free
3 Ways to Get Microsoft Office for Free

With a little ingenuity, you can cut Office costs to zero.

26 States That Do Not Tax Social Security Income
26 States That Do Not Tax Social Security Income

These states won’t tax any of your Social Security income — and in some cases, other types of retirement income.

5 Keys to Making Your Car Last for 200,000 Miles
5 Keys to Making Your Car Last for 200,000 Miles

Pushing your car to 200,000 miles — and beyond — can save you piles of cash. Here’s how to get there.

14 Things That Are ‘Free’ With Medicare
14 Things That Are ‘Free’ With Medicare

These services could save you money and help prevent costly health problems.

5 Things That Make Life More Meaningful for Retirees
5 Things That Make Life More Meaningful for Retirees

Retirees agree: These are the things that give them purpose and fulfillment in their golden years.

15 Amazon Purchases That We Are Loving Right Now
15 Amazon Purchases That We Are Loving Right Now

These practical products make everyday life a little easier.

View More Articles

View this page without ads

Help us produce more money-saving articles and videos by subscribing to a membership.

Get Started

Add a Comment

Our Policy: We welcome relevant and respectful comments in order to foster healthy and informative discussions. All other comments may be removed. Comments with links are automatically held for moderation.