Keep Wi-Fi KRACK Vulnerability at Bay by Using these Solutions

Security researchers have ascertained that the WPA2 encryption protocol that is used to protect Wi-Fi routers and devices connected to a given network has been compromised. In principle, the encryption, which was first used 13 years ago, has been cracked, meaning malicious hackers can infiltrate your network if it is in range. Such intrusion can allow them to figure out your password(s), in addition to keeping tabs on your internet activities, or even intercept unencrypted data streams, including passwords used on sites with no HTTPS protocol.

While there is a high chance that you and I are vulnerable, it should be known that a hacker needs to be near your network. That may sound okay, but we all know something about attacks and cyber security issues; they don’t knock on your door or make their presence obvious. They are that stealthy, and have been honing their skills, including hiding attacks in encrypted traffic. The TL;DR version of the attack is called KRACK vulnerability, and can be read here.

So, what can you do for the moment? Here are some tips.

Check for security updates for your devices

Your phones, tablets or PCs can be updated by the manufacturer to counter KRACK vulnerability. For PCs, Microsoft has changed how it used to handle things, and sends updates as often as possible. Just make sure auto-updates have been enabled, and a security patch will be on your way, hopefully. For smartphones, it is the same thing, especially on iOS as Apple has a few devices to send updates to. Unfortunately, things get a little confusing on Android; unless you own a top-of-the-line device, or a phone launched within the last 18 months, you are out of luck as it is highly unlikely it will ever be updated, let alone be patched with security upgrades. We can blame this on the fragmentation of the system, and the high number of devices manufactures churn out to meet the requirements of different demographics. Thus, it is uneconomical to keep them updated, meaning users are left in the cold. On the bright side, updated and non-updated devices can co-exist seamlessly on the same network because the fix allows interoperability with older legacy systems.

Update your router

There is no denying that this should be the first line of defense against this vulnerability. It is better to follow this up if your router of choice has been supplied by your ISP. For example, Safarciom’s FTTH product uses Huawei-branded routers – which Safaricom provides. We we’ll reach out to them to ascertain if they are prepping a fix. You should also do the same thing for your manufacturer before the matter escalates.

Go old-school and use that Ethernet cable

Well, our routers have a couple of Ethernet ports that we hardly use. In fact, during installation, ISPs provide a cable, which, like yours truly, ends up bundled up in its case because wires are so old-school. However, if your router has not been updated and don’t want to fall prey of intruders, kindly consider disabling the Wi-Fi option (some routers do not have this option) and use Ethernet. This means traffic will go through the cable. Btw, some tablets and phones can use Ethernet too, provided you have the right dongle to do so.

Hello! Mobile data

For the extremely paranoid, you can cease using Wi-Fi for the time being until things get fixed. All you have to do is use mobile data to keep possible intruders at bay. However, mobile data is not cheap, and may not be as reliable depending on your location. But in a country where few homes and offices have Wi-Fi connections, cellular data still reigns. And is safer.

Use HTTPS Everywhere extension for your browsers

There is a browser extensions called HTTPS Everywhere that works with Mozilla Firefox, Chrome and Opera browsers. All you need to do is install it, and does not call for additional configurations. Functionally, it reduces risk by prioritizing encrypted internet traffic. However, the extension cannot be of help is a site relies on HTTP rather than HTTPS.

Stay safe, internet users.