What is Krack? The Wi-Fi security flaw explained
Apple and Google have both promised to fix the Krack WPA2 security flaw that leaves masses of routers and Wi-Fi connections vulnerable to hackers.
Discovered on Monday October 16, the Krack flaw can be exploited by hackers to intercept encrypted network traffic and inject malicious code such as ransomware into websites – despite Wi-Fi networks appearing to be secure through the WPA2 protocol.
Google has now said it will release a patch on November 6 to secure Wi-Fi connections on Android devices, though makers of Android phones with their own custom skins and modifications will need to push out their own patch to their customers.
Apple has also stated that it has developed macOS and iOS patches that are currently being tested and will be rolled out to its users within a matter of weeks.
Microsoft appears to have been well ahead of the game, with the Redmond-based company explaining it has issued a security update last week that fixes the security hole for Windows 10 and Windows 8, and even Windows 7 users.
The potential scope for the Krack vulnerability to wreak havoc and allow hackers to steal valuable information such as credit card details, passwords and user names, is rather large. But before you go around shutting off every Wi-Fi device in your house, it’s worth noting that hackers need to be in range of your Wi-Fi connection to exploit it.
Plus, if you are connecting to a site that uses the more secure HTTPS standard, then your data travelling to and from it should have an extra layer of encryption to discourage cyber crooks from swiping it; but in the same vein, sites using the older the HTTP standard should be avoided.
It’s also worth ensuring you have the latest updates for your Wi-Fi devices and that the security software on your computer is up-to-date. Making use of a virtual private network (VPN) when connecting to a public Wi-Fi hotspot will also help keep you out of the sights of hackers looking to exploit Krack while they have the chance.
Overall, Krack is a nasty vulnerability, but it would appear that the major tech companies are on the case to plug the security hole and force hackers and cyber criminals to find new vectors of attack.
Related: Best free antivirus software
Have you ever been hacked? Let us know your story on Facebook or tweet @TrustedReviews.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
