A WPA2 security hack is big news, and for all the wrong reasons. We investigate how secure is your Wi-Fi.
Wi-Fi security has evolved to the extent that most modern routers are set up to be secure with strong encryption methods, built-in firewalls and other security measures devised to protect you from malicious attacks. But what happens when those encryption methods are broken?
That’s exactly what has happened, after Belgian researchers at KU Leuven University broke the WPA2 security protocol. WPA2 is used to protect the majority of Wi-Fi connections in the world because it is the most secure method available for general use.
The exposed flaw, which researchers are calling ‘Krack’ (Key Reinstallation AttaCK), leaves wireless traffic vulnerable to potential eavesdropping with malicious intent.
Security expert Mathy Vanhoef explains that information previously presumed to be safe and now at risk includes credit-card numbers, passwords, chat messages, emails, photos and more. Depending on the network configuration it is also possible that “ an attacker might be able to inject ransomware or other malware into websites”, he says.
The WPA2 hack is alarming news, but Alex Hudson, chief technical officer at Iron, advises calm.
Not only does a Wi-Fi attack need to be in proximity, but it’s unlikely that you’re sending a large amount of information over the web that relies solely on WPA2 for protection. The https protocol used on many secure sites adds another layer of protection, for example, as would the use of an encrypted network afforded by a VPN.
(Read our round-up of the best VPNs .)
However, you should be particularly mindful of the padlock icon in your browser’s address bar: if a padlock is not visible, indicating its support for https, then there is a possibility any data you enter will be viewable until the flaw is fixed.
Although wireless routers are rarely updated, it’s important to install the patches for your other devices as and when they become available to ensure security on other networks warn the researchers.
Vanhoeuf claims no devices or software were immune to the weakness, though due to how they implement WPA2 security iOS and Windows were found to be among the most secure, while Android 6.0 Marshmallow and Linux are the least secure.
Companies have been aware of the flaw since late August, so patches should be coming in the next few weeks.
Modern routers usually have Wi-Fi security (a password) enabled by default, but they also use various protocols for encryption of the data you send across the web. Here are some of the terms you’ll see knocking about for consumer-grade Wi-Fi:
Wired Equivalent Privacy (WEP) was the norm back in 1997 when the 802.11 Wi-Fi standard was introduced. This is now deemed insecure and was subsequently replaced in 2003 by WPA through the TKIP encryption method.
Temporal Key Integrity Protocol (TKIP) is now also being phased out, but unlike WEP is still seen in most modern routers.
Advanced Encryption Standard (AES) was introduced shortly after TKIP in 2004 as WPA2, the new and improved WPA standard. Select this level of encryption where possible, but note that your wireless devices will also need to support it in order to talk to your router (most do, but some older kit may not).
Even despite the news of a WPA2 hack as outlined at the top of this article, WPA2 is still said to be the most secure protocol. Nowadays router manufacturers and ISPs typically use WPA2 by default; some use a combination of WPA2 and WPA to ensure compatibility with the widest range of wireless kit.
You may also see an option with the suffix ‘-PSK’ which is short for Pre-Shared-Key or Personal Shared Key. If you’re offered the choice then choose WPA2-PSK (AES) over WPA2-PSK (TKIP), but if some older devices cannot connect instead choose WPA2-PSK (TKIP); it still uses the newer WPA2 encryption while enabling older devices that might be stuck with TKIP to connect to your router. You may find it listed as WPA2-PSK (mixed mode).
WPS stands for Wi-Fi Protected Setup, and it was created to make configuring Wi-Fi connections easier. It sounds great, but it creates an easier entry point for hackers – with an eight-digit PIN it’s easy to hack through brute-force techniques.
The easiest way to know if you’ve got WPS enabled is to look on your router or the box it came with, as it often has a distinct logo and a physical button located on your router to quickly access WPS.
If you’re still unsure, you can go into your router settings, which is usually accessed by typing 192.168.1.1 or 192.168.0.1 (or other, depending on your ISP and router’s manufacturer) in your URL address bar and logging into your router’s admin panel.
The problem with WPS is that it’s often enabled by default by router manufacturers, so it is good practice to disable it, especially if you don’t think you’ll ever use it.
As you’ve now logged into your router’s settings, you’ll also be able to see an option to change the router’s admin login details. We recommend changing this, as it’s simple to do so and protects you from anyone wanting to mess with your router’s settings.
Many routers (though not usually those which are provided by your ISP) come with a generic username and password, typically ‘admin’ and ‘password’. Changing this will mean it will become a lot harder and near impossible to hack into your router’s admin panel.
Read next: How to hack your Wi-Fi password
Follow Marie Black on Twitter.
