There’s a new KRACK hack that puts pretty much every WiFi network at risk … but the media isn’t making much of a fuss!
Due to new vulnerabilities discoveredy in WPA2, the most widely used Wi-Fi security protocol, virtually all devices are now vulnerable to attack.
To ease your mind – a hacker would have to go to some lengths to exploit this hack – so your home network is probably not much of a target … but institutional networks (i.e. Universities) & Public Networks that require a password are legitimate targets.
To explain in simple terms KRACK allows a hacker to interfere with a process called a four-way handshake that goes something like:
“Hi I want to connect”
“What’s the password?”
“OK you’re in – here’s an encrypted connection”
Because the hacker interferes with the initial handshake they may be able to decrypt the traffic you exchange over WiFi. This means they’re able to do many, many bad things without even being on the network. Bad things? Like being able to intercept, modify & forge fake data & theoretically be able to inject ransomware or other malware into otherwise safe websites.
If you have a USB drive or are attached to a NAS (Network-attached storage) then it’s a data free-for-all.
It’s worth keeping in mind that in order to pull off such an attack, a KRACK hacker would need to be in your device’s Wi-Fi range and impersonate a network that your device already trusts and would attempt to connect to.
What makes KRACK scary isn’t that it’s going to cause mass destruction
– but that it exploits a protocol that is pretty much used Everywhere.
The GOOD news is the vulnerability is easily patched so most software & hardware vendors have fixed the issue or will so in the near future.
Your job is to make sure that ALL of your devices are patched when it’s available..
There are lists published already – such as Owen Williams’ Charged blog that list the companies that have already fixed it & links to the patches.
So DON’T PANIC … Keep an eye out for patches, apply as soon as possible, and keep in mind that the issue is fixable.
Relying on WiFi as your main internet ‘backbone’ is never a good idea – it simply doesn’t provide the bandwidth & coverage that some of your data-hungry devices require.
But – of course there is a place for WiFi in every office or home to cater for smartphones & tablets … the problem is getting the signal distributed.
The people at Ubiquiti have come up with an idea that I LOVE! –
The In-Wall Wifi Access Point
With this clever device you retro-fit your existing cabled ethernet points to provide a WiFi Access Point as well as your existing cable point.
The obvious advantage of this is you don’t have to have additional unsightly hardware to provide WiFi where it’s needed & of course no extra cables.
You do need POE (Power over Ethernet) but adapters are readily available if you’re not ready to upgrade your router.
Installation is easy …
- You simply unscrew your existing socket from the wall,
- Ensure that the wall cavity will accommodate the new fitting
- Plug in the POE enabled cable from your router
- & Reinstall the socket.
Voila … A WiFi Access Point, Your existing Ethernet Socket as well as a 2nd POE enabled Socket.
Range is only about 25 metres which is still ample for the average office or home Family Room.
Pricing looks to be around AU$99, which compares favourably with fitting multiple wired access points or repeaters around – and it’s a tidy solution!