Yesterday was big news in the world of wireless, and not for a great reason. Security researcher Mathy Vanhoef publicly disclosed that a major vulnerability, ‘KRACK’, was discovered in the common encryption protocol WPA2. Seeing that almost every wireless device and router relies on WPA2 to encryption, you can bet that you’re probably affected. Below we’ve rounded up some of the top tips for keeping your network safe in the wake of the ‘krack attack.’
Consider Replacing Your Router
Your wireless router will definitely need some updating. If your router was supplied by your service provider, you should ask the company when their branded kit will be patched. Look to see if your router is up to date by checking out the administrator panel. If your service provider has no intention of quickly putting out firmware, it’s probably time to find another ISP….
Might be time to dust off those old Ethernet cables if your router still hasn’t received a patch. You may also want to disable wi-fi on your device, just to be safe that all network traffic is going through the Ethernet cable.
Update Your Devices
Before you panic, you should know that your wireless devices can be updated to prevent the KRACK vulnerability. All updated devices and non-updated devices can exist simultaneously on the same network. That being said,k you should update all your routers and wireless devices with the latest security patches. You may also want to consider enabling automatic updates to prepare for any future vulnerabilities.
Stay with me on this one. We all know extra data charges can be pricey and that cellular connections can often be iffy at best in some areas. Any devices running Android 6.0 or later are especially vulnerable, so Android users, be careful!
It’s possible to cut down on risks by prioritizing encrypted internet traffic over unencrypted traffic. The Electronic Frontier Foundation has released a browser extension by the name of HTTPS Everywhere, that we highly recommend to anyone using Chrome, Firefox, or Opera. This extension automatically tells your browser to use the HTTPS encrypted access of the unencrypted access. Keep in mind that if a site doesn’t offer secure access, this extension isn’t able to do much about it.