Severe Wi-Fi Protocol Flaw Puts Everyone at Data Theft Risk: US Government
According to an advisory issued by the US Computer Emergency Readiness Team (US CERT) late on Sunday, anyone using the Wi-Fi Protected Access II (WPA 2) protocol is probably compromised.
Google Launches 150 Google Station WiFi Hotspots In Pune (photo for representation)
A serious flaw in the Wi-Fi network security protocol -- used in routers at home or office -- has left almost every user at risk of data hacking and privacy breach, the US government has warned. According to an advisory issued by the US Computer Emergency Readiness Team (US CERT) late on Sunday, anyone using the Wi-Fi Protected Access II (WPA 2) protocol is probably compromised. WPA2 has been used on all certified Wi-Fi hardware since 2006.
The WPA (which is now obsolete) and WPA2 standards were created by the Wi-Fi Alliance industry group that promotes interoperability and security for the wireless LAN industry. "US-CERT has become aware of several key management vulnerabilities in the four-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol," the advisory read. "The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others." "Note that as protocol-level issues, most or all correct implementations of the standard will be affected," it added. The Wi-Fi exploit is knows as "KRACK" -- short for Key Reinstallation Attacks.
According to The Guardian, security expert Mathy Vanhoef from Belgian university KU Leuven discovered the flaw in the wireless security protocol WPA2. "Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos and so on," Vanhoef was quoted as saying. The flaw affects operating systems and devices, including Android, Linux, Apple, Windows, MediaTek and others.
An arstechnica.com report said the vast majority of existing access points aren't likely to be patched quickly, and some may not be patched at all. "If initial reports are accurate that encryption bypass exploits are easy and reliable in the WPA2 protocol, it's likely attackers will be able to eavesdrop on nearby Wi-Fi traffic as it passes between computers and access points," the report added. People are being advised to use a wired Ethernet connection rather than Wi-Fi, wherever possible. They are also advised to stop logging into websites or URLs that don't start with HTTPS.
3 Reasons To Buy Apple iPhone 8 Plus and 2 Reasons To Skip It | Feat The Unbiased Blog
Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.
Subscribe to Moneycontrol Pro and gain access to curated markets data, trading recommendations, equity analysis, investment ideas, insights from market gurus and much more. Get Moneycontrol PRO for 1 year at price of 3 months. Use code FREEDOM.
Recommended For You
- Kapil Sharma's Wife Ginni Chatrath Flaunts Baby Bump on Movie Outing
- Prabhas and Raveena Tandon Dance on 'Tip Tip Barsa Pani' on Nach Baliye 9
- Sai Praneeth Guarantees 1st Men's Singles World Championships Medal Since 1983
- Metz M55G2 4K Android TV Review: So Good, it Should Cost a Lot More Than Rs 42,990
- Jio Effect: Tata Sky Broadband Offers 6 Months Additional Usage on Annual Plans