A flaw in WPA2, the encryption protocol used by routers to secure networks, has been shown to have a massive flaw, leaving networks across the globe open to cyberattacks.
Let’s repeat that – WPA2, which is the wireless encryption standard used to keep wireless networks secure and used by just about every router in the world – is no longer secure. In super plain terms – that means that hackers can now spy on, eavesdrop and capture whatever data they want on just about every wireless network in the world.
The exploit, named KRACK, takes advantage of the fact that some of the encryption algorithms used by WPA2 aren’t quite as random as they should be and, with enough persistance, a hacker could eventually break onto the wireless network. Details of the exploit were revealed by the researchers who discovered it at the website Krackattacks.com on October 16.
Here’s a video made by the researchers that discovered the exploit of how it works.
(Spoiler alert: for the terminally techy only.)
This security exploit is present in just about every piece of wireless hardware sold over the past few years – including that extra fancy internet-connected refrigerator you just bought. Changing your password isn’t going to do any good.What’s that? Oh, you think this means you’re finally going to get around to changing the WiFi password you have hanging on the blackboard above your cash register? Or maybe think of something a little more creative than Password123?
So – yeah, you could say it’s bad.
How You Can Protect Your WiFi
Ok. So we’ll cut it with all the doom and gloom. There are a couple of bright spots here to takeaway.
HTTPS is still OK
HTTPS (HyperText Transport Protocol Secure) is still secure. This is the type of securityused by most financial and shopping websites like Amazon.
You know the little lock you see in the URL window when you visit a site? That means that transactions are secured by HTTPS.
So you’re still good in the hood.
Automatic Security Upgrades
Companies that manufacture routers and connection points for use in businesses and public areas have been aware of the exploit for a while and have already started releasing patches and upgrades for their equipment. Companies like Microtik, Ubiquiti and Aruba have been pushing out patches automatically for their networked routers.
Update Your Router Firmware
If you have a wireless router you got from your cable provider or one that you picked up at the half off bin in the store, you’ve got some work ahead of you. In order to fix the security vunerabilities, you’re going to have to upgrade the firmware in your router, what is known as “flashing”.
It’s not quite as difficult as it sounds. You’ll need to follow your manufacturers diretions – which means digging through and finding the instructions for the router in the first place. Here’s an example on how to do this with a Netgear router.
The good thing is that it’s typically a pretty fast process. The bad part is that, if you mess up, you could brick your entire router. If in doubt, take the router into a computer repair or IT service shop and have them do it for you.
Keeping Your Business WiFi Safe
If you’re a business owner, you’ve probably long known about the benefits of offering free WiFi for your customers. But, after seeing the security implications of hacks like the WPA2 exploit, you’re wondering how to keep your business WiFi safe and secure?
That’s an excellent question – because that’s where Stampede comes in.
No more writing down passwords on a blackboard. With Stampede, customers check into your network with an email or social media login. They’re securely connected and can surf the web knowing that their data is protected.
Because Stampede works with major manufacturers like Ubiquiti and MikroTik, your routers and access points can be upgraded automagically as soon as a security breach is spotted.
And let’s not forget about marketing. With Stampede you can offer your customers a branded login screen to keep your business first and foremost in their mind. You can also use your login screen to capture customer data for use in building mailing lists or SMS marketing.
Ready to make the switch to safe and secure WiFi? Try Stampede today!