Network security researchers have discovered vulnerabilities in the wireless network connection, this means that a hacker can intercept the communication between our device and the wireless network router.
This defect can use the vulnerability in the WPA2 security Protocol, which is used to ensure that the majority of modern Wi-Fi network.
The main attack, which the researchers claim is directed to the four-way handshake of the WPA2 Protocol, which is used to create a key for encryption of Internet traffic, work interruption, the third step, in which the encryption key may be resent multiple times.
Once the work has been completed, the process of encryption is destroyed, leaving the system vulnerable.
KRACK may affect device running Android, Linux, Apple and Windows, while Android and Linux are considered to be at particular risk.
Read next: the most secure browser of 2017.
“Everyone uses Wi-Fi are vulnerable. The Protocol level of the weak impact of WPA1 and WPA2 protocols(those used to protect home and business Wi-Fi network),”said Bob Rudy, the chief data scientist at Rapid7.
“Attackers only need a signal range of the Wi-Fi network. No authentication is required.
“Organizations and home users should actively check for patches for their wireless network access points and patched them immediately after the repair has been promulgated suppliers”, he said.
To limit the role of the security flaws, experts recommend to connected to the Wi-Fi network through a virtual private network monitoring and apply security patches where possible.
Read next: The Best Virtual Private Network 2017.
“All users of the app a VPN service when connected via public Wi-Fi connection or completely to ensure they only connect to the website in HTTPS,”Mr. Dees explained.
“We want to strongly emphasize that the home users, especially those in densely populated areas-an absolute must to monitor for patches to their existing Wi-Fi equipment, or migration to new equipment, no such vulnerability.
The business user, this is a slightly longer process, to ensure safety.
IT departments should look to implement these changes to their entire network, to ensure that the attack will not damage their system.
“Agencies should consider re-designing their Wi-Fi network, in order to consider them as’untrusted area and always need to VPN into the main network of organizations,”said Rudy at.
“Organizations should also ensure that they use the most detailed debug logging their Wi-Fi network and configure your own monitoring system, in order to find this attack.
“It is a very noisy, active attack, and should be detected by the majority of enterprise network security monitoring system.”
Read next: the best online privacy tools.