For years we've all depended on the WPA2 (Wi-Fi Protected Access) protocol to secure our Wi-Fi networks.
Security researcher Mathy Vanhoef has revealed what he has labeled KRACK, an exploit that attacks a vulnerability in the handshake of the WPA2 protocol that you most likely use to protect your Wi-Fi at home and millions of small businesses around the world use, too.
Speaking at the ACM Conference on Computer and Communications Security in Dallas, Vanhoef explained that this exploit may allow packet sniffing, connection hijacking, malware injection, and even decryption of the protocol itself. The vulnerability has been disclosed to the people who need to know these sorts of things early to find a fix and US-CERT (United States Computer Emergency Readiness Team) has released this prepared bulletin:
"US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017."
How do I stay safe?
Avoid public Wi-Fi.
Check your router's maker website and look for firmware updates and install them.
Only connect to secured services. Web pages that use HTTPS or another secure connection will include HTTPS in the URL. You should contact any company whose services you use and ask if the connection is secured using TLS 1.2, and if so your connection with that service is safe for now.
If you have a paid VPN service that you trust you should enable the connection full-time until further notice.
Use a wired network if your router and computer both have a spot to plug in an Ethernet cable. This exploit only affects 802.11 traffic between a Wi-Fi router and a connected device.
Keep your computers (PC and Mac) and network devices (phones, access points, wireless printers, etc.) updated.
What could happen if I am on an attacked network?
An attacker may be able to do things like redirect traffic on a Wi-Fi network or even send bogus data in place of the real thing. This means something harmless like printing a thousand copies of gibberish on a networked printer or something dangerous like sending malware as a reply to a legitimate request for information or a file. The best way to protect yourself is to not use Wi-Fi at public networks and update all your wireless devices as soon as possible.