Every time a celebrity leaks a new risque picture, it is followed by claims that the picture “broke” the internet. Fortunately, nude photos of an A-lister do not have the power to take down the web, but a discovery by a security researcher just might.
The web security protocol WPA2 was developed by the Wi-Fi Alliance—incidentally, to replace another older and less secure protocol. In vastly oversimplified terms, it is what keeps random devices from joining your Wi-Fi network. Using what researcher Mathy Vanhoef is calling KRACK—for Key Reinstallation AttaCK—hackers can infiltrate your system and therefore your devices, flood the entire connection with ransomware and malware, steal your personal content off your computer, and more.
The finer points of KRACK are pretty complex, but they’re available here if you’re interested. The more critical understanding is how to protect yourself, though. A number of tech companies are already at work on the “patch” you’ll need to protect your Wi-Fi router, but until those patches are issued and in place, it’s a good idea to avoid public Wi-Fi connections and make sure the sites you visit are using the HTTPS designation. It’s also a good idea to use a VPN, or virtual private network, when connecting online, especially for sensitive activity like banking, applying for a job, or shopping with a payment method.
This should serve as yet another reminder of the need for strong cybersecurity measures like antivirus software and password protected networks, and that updating your software is vitally important. If you have strong protections in place, that’s great. However, if you’re not updating your software, your web browsers, your plug-ins, and more, you’re only protected from threats the software “knew” about when you installed it. In the case of this kind of attack, this is a previously unheard of vulnerability that has to be closed with a patch to protect you.
Fortunately, unlike much global hacking news, this form of attack requires fairly close proximity to your router. That means businesses and public hotspots might be far more worthwhile targets, but there’s no reason to take any chances. Update your software when the patch for your network router is issued.
Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.