Massive WiFi Vulnerability Exposed
We’ve all been warned against using public WiFi for sensitive communications like banking transactions. You never know who is on the same network eavesdropping on your traffic. This is just common sense.
However… On your own personal WiFi network you feel pretty secure, right?
Maybe not so much. For years I’ve told my clients to take extra steps to secure their home WiFi. The simple fact is that if I want access to your WiFi network I can park a car out front and hack it in pretty short order. Any semi-competent hacker wannabe can accomplish this task without too much difficulty.
Now a key element of your WiFi security has been rendered useless by the latest hack.
KRACK (Key Reinstallation Attack) can replace your encryption key, allowing any ne’er-do-well in range of your WiFi to eavesdrop on all your network traffic, which includes credit card information and passwords to all your secure online accounts.
According to the researchers, the newly discovered attack works against:
- Both WPA1 and WPA2,
- Personal and enterprise networks,
- Ciphers WPA-TKIP, AES-CCMP, and GCMP
Basically, any security mechanism you employ is vulnerable.
If you want all the gory details…
So what do you do to protect yourself?
- Check your router vendor’s website for firmware updates to mitigate this threat.
- Render your SSID invisible (disable SSID broadcast).
The SSID (Service Set IDentifier) is your WiFi network name.
First of all, your WiFi network name should NEVER be something that identifies you. I’ve seen people use their actual names, street addresses, etc. This makes it incredibly simple to target YOU personally. Always use something cryptic that in no way whatsoever identifies you. I personally like “FBI Surveillance Van”.
In your router setup, there is the option to turn off the SSID broadcast. In other words, when browsing for a WiFi network to connect to, you will never see it. And neither will anyone else. It is not “broadcast”. It still exists, but in order to connect to it you have to know the exact name and type it in manually on your phone or computer to establish the connection. This should be SOP (Standard Operating Procedure) for every personal or corporate WiFi network.
If you’re not comfortable making this change yourself, your Internet provider can probably help you – or you can call me.