As you may be aware, security researchers have discovered a serious weakness in the wireless security protocol WPA2, which could potentially expose wireless internet traffic to malicious eavesdroppers and attacks. This vulnerability, known as KRACK, could potentially allow hackers to read information that was previously assumed to be safely encrypted, giving them access to sensitive data such as credit card details, passwords and other sensitive data.
WPA2 is the most up-to-date standard when it comes to wireless protection algorithms, and this security flaw has been identified by security analysts and is not currently being used by hackers, as far as we know. Android-based operating systems are currently the most vulnerable, but all manufacturers are currently working on patches for the issue. We currently have no timescale for the release of these [see update at foot of article for more details on this].
Making sure that the firmware is up-to-date on all of your devices is the only step we can advise at the moment, as this vulnerability affects the device, rather than your network. For the time being, using a wired connection for sensitive data is the best option as well as making sure any sites you visit have HTTPS encryption.
Avoiding the use of public WIFI is advisable, as we believe this poses the biggest risk to your devices. Your private WIFI isn’t a particularly attractive target for hackers, as they will only receive information from one individual at a time. Instead, any hackers trying to exploit this vulnerability are more likely to target public WIFI spots, as they would be looking to collect and sell information on thousands of individuals at a time with a single hack.
Once we learn more about this situation, we will release a further update on the subject with additional information on how best to protect the smart home from this security vulnerability.
A number of technology manufacturers have released patches to the KRACK WPA2 security flaw, including Microsoft, Linux and Apple. There are still several devices and platforms – notably Android – that remain unsecured, although updates are being released constantly. Click on the link for a full list of the available KRACK software patches.
If you are a smart homeowner that is unsure about how to secure your property, it is recommended that you seek advice from a smart home specialist as soon as possible. They will be able to talk you through your options and help you secure your devices to the full extent possible.