Wi-Fi Easy Hacking Security Alert
There were different intense vulnerabilities reported about Wi-Fi Protected Access II (WPA2) protocol on Sunday and these vulnerabilities were disclosed on Monday morning to the whole world. These vulnerabilities make data sharing between Wi-Fi access points and computers inclined. Now the Wi-Fi users can be hacked easily and their information can be retrieved even they are password protected or encrypted. The users need to sale their data through the encrypted connections by VPNs or SSH.
KRACK (Key Reinstallation Attacks)
KRACK-Key Reinstallation Attacks are the main reason behind the exploitation of user data. The vulnerabilities of protocol were brought into attention by website with list of operating system, which are now at risk:
- MediaTek Linksys
- Android
- Windows
- Linux
- OpenBSD
- Apple
The website highlighted the data encrypted with the use of Wi-Fi encryption protocol WPA2 and it is also at risk with decrypted by attackers. They penetrate their way with the modern protected Wi-Fi networks and it is being used to steal important information like chat messages, credit card numbers, emails, passwords and photos. They can be used for injecting and manipulating data like ransom-ware or malware.
HTTPS Use Not Finish Risk
The researchers warned the users about the risk involved when they use HTTPS and it is an added layer of protection protocol. It highlights the situation with added layer of protection but it does not secure data of users. HTTPS was bypassed in non browser software in iOS and OS X in Apple, in banking apps, in Android apps and in the VPN apps. Linux and Android allow the attackers to decrypt content within system in few seconds and iOS and Windows showed better chance to protect themselves from any coming danger. The patches for Linux and Windows are provided and it is hard to say about the provision of such distributions and Wi-Fi access points.
What’s At Stake
The patching existing access points are time taking and some Wi-Fi access points may never be patched at all. The preliminary reports show the accurate representation of anticipated risk and attackers might be able to tamper with Dynamic Host Configuration Protocol (DHCP) setting, and unlock hacking regime with the use of Domain Name Service (DNS) of the users.
Avoid it
This issue lies in Wi-Fi protocol and no guaranteed solution is given to this problem. It is not easy to say the severity of attacks, which the attackers faced and it is advised to users to add more layers of security with the encryption of web and email traffic using the HTTPS, STARTTS, Secure Shell and other protocols. The additional security measures could be virtual private network.
