A couple of weeks ago the world woke to the news of yet another serious security flaw being discovered in our networks. Most major tech brands were quick to respond by releasing patches to protect their devices, but with over 20 billion devices now in use worldwide, many are still extremely vulnerable. And sadly, this will not be the last vulnerability to be discovered. IoT is notoriously weak on the security front, and with big money to be made, cybercrime is rapidly becoming the largest illegal industry in the world. Through hacking, cybercriminals can gain access to information such as your bank details, sell this information on to interested parties, or even hold you and your devices to ransom. Think of the financial havoc a hacker could wreak with this access, let alone the psychological and emotional trauma of having a stranger snooping through your private life. Because of this, it is vital to protect yourself against KRACK and the latest vulnerabilities.
This scary hack exploits a flaw within WPA2, the wireless encryption standard that keeps the information passed over your Wi-Fi secure. Basically, WPA2 prevents other devices from reading what you are doing on the network, but with this security flaw an intruder can change the way in which your devices communicate with the Internet. They do this by making an evil twin access point – and yes, it is as scary as it sounds! Hackers use a device to mimic your router on the network and then force your devices to communicate with the evil twin instead. This allows them to gather the data passing between your devices and the “router”, such as passwords and confidential information. The worst thing is that it is completely invisible to you whilst it's happening. Check out our handy diagram on how an evil twin attack works.
This type of attack is very difficult to detect on your network, so it can happen without you even knowing about it. But it's not all doom and gloom. Luckily, there are some steps you can take to both detect and protect against a KRACK attack.
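To make the evil twin idea concrete, here is an added illustration (not part of the original article, and not a description of how Fingbox works internally) of one way a scanner could flag a suspicious copy of your router: compare each Wi-Fi beacon it sees against a baseline of what your genuine access point advertises. The network names, MAC addresses, channels and the three rules are assumptions made up for this sketch.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str      # access point MAC address
    channel: int
    security: str   # e.g. "WPA2" or "OPEN"

# Constructed baseline: what the genuine router is known to advertise.
# Extenders or mesh nodes you own must be listed too, or they will be flagged.
BASELINE = {"HomeNet": {"02:00:00:aa:bb:01": (6, "WPA2")}}

# Constructed scan results (not captured from a real network).
SAMPLE_SCAN = [
    Beacon("HomeNet", "02:00:00:AA:BB:01", 6, "WPA2"),
    Beacon("HomeNet", "02:00:00:aa:bb:01", 11, "WPA2"),
    Beacon("HomeNet", "02:00:00:cc:dd:02", 6, "OPEN"),
    Beacon("CoffeeShop", "02:00:00:ee:ff:03", 1, "WPA2"),
]

def find_evil_twin_candidates(beacons, baseline):
    """Return (bssid, channel, reason) for beacons that deviate from the baseline."""
    findings = []
    for b in beacons:
        known = baseline.get(b.ssid)
        if known is None:
            continue  # someone else's network name: not ours to judge
        bssid = b.bssid.lower()  # scanners differ in MAC letter case
        if bssid not in known:
            findings.append((bssid, b.channel, "unknown BSSID using our SSID"))
            continue
        channel, security = known[bssid]
        if b.channel != channel:
            # A router with automatic channel selection can also trigger this.
            findings.append((bssid, b.channel, "known BSSID on unexpected channel"))
        if b.security != security:
            findings.append((bssid, b.channel, "security differs from baseline"))
    return findings

if __name__ == "__main__":
    for bssid, channel, reason in find_evil_twin_candidates(SAMPLE_SCAN, BASELINE):
        print(f"ALERT {bssid} ch{channel}: {reason}")
```

A hit is a reason to look closer, not proof of an attack: a new extender or a router that changes channel by itself will produce the same alerts until the baseline is updated.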
We are all guilty of ignoring an update, watching it pop up repeatedly at the bottom of the screen but taking weeks to accept it. Updates are a vital part of protection within network security. As soon as a vulnerability is noticed by the cybersecurity world, hackers will race to exploit it whilst the software companies race to fix it. When a company has found a fix, they will push it out to your device in an update. Whoever wins the race to your device holds the fate of your information in their hands! Check with the manufacturers of your IoT devices and router that they have released a protection patch for this flaw, and if not, keep the device off WiFi until they have. A lot of devices perform automatic updates, which removes the pain of having to do it yourself. But if your device requires manual updating and you ignore it, you are leaving yourself prey to the hackers picking off the last remaining vulnerable devices. Don’t be one of them.
If you want to continue using a device but are waiting on a patch, you can instead connect to the Internet via an Ethernet or mobile data (3G/4G) connection. KRACK only works on WiFi, so stay away from wireless connections whilst your device is still vulnerable.
One simple thing to do before exchanging information over WiFi is to check the address bar. If the web address has ‘https’ at the start, then there is an extra, encrypted connection between yourself and the site, so it is likely to be safe. If it just says ‘http’, then this protective encryption isn’t there. You can now add an HTTPS browser extension that will tell any website that has both an HTTP and an HTTPS version to opt for the more secure connection. Be warned though – websites that do not have an HTTPS version will remain in HTTP, so keep an eye on the address bar.
VPNs provide a private channel between your device and the Internet. Any hacker that tries to look at a device using a VPN will see a load of code that makes no sense to them, therefore protecting your device from hacking. Whilst this is a great way of keeping your information secure on its travels between the Internet and your device, some VPN companies have recently got into hot water for logging their customers’ online activity and sharing this information. So, make sure to do your research before using a VPN.
The number of devices within our homes is getting to the point where we are starting to lose track. Our 22 million Fing users perform 1 million network scans a day and have discovered over 10 billion devices in the past year - if we had a cent for every time a Fing user rediscovered a long-forgotten device sitting on their network, we would be sipping cocktails in the Bahamas by now! So start your KRACK security audit by using the free Fing network scanning app to discover all the wireless devices on your WiFi. Once you have worked your way through our top tips on each individual device, you will be ready to get back to browsing that WiFi!

However, what about those devices that may never get that much-needed patch, and that cannot be connected by Ethernet or Data? How can you continue safely using these devices? Our home network security device, Fingbox, has the answer! Fingbox already has the ability to detect evil twin attacks on your network, so as soon as KRACK was announced our team immediately set to work to see if it could also specifically detect a KRACK attack. Not only were we successful, but we are currently the only home device on the market that can alert you, in real-time, to a KRACK attack taking place on your WiFi, allowing you to take immediate action to protect your information. With a Fingbox you are no longer blind to hackers on your network - you can spot them and take the measures needed to stop them. Knowing what is on your network gives you back the power.

It's very easy for us to take an “it won't happen to me” approach to network security, but as IoT gains further access into our lives, this sort of crime is only going to get more common. So beat the hackers and get yourself protected today.