A group of Belgian researchers has discovered a flaw in the WPA2 WiFi communication protocol, but it does not mean that they are all at risk. Here’s what you need to know about protecting your data via WiFi.
The security of the WiFi network has evolved to the point that most modern routers are configured to be protected with complex passwords, advanced encryption methods, integrated firewalls and other security measures designed to protect you from cyber-attacks. But what happens when these protocols are circumvented or broken?
This is exactly what happened, after Belgian researchers at KU Leuven University discovered a flaw in the WPA2 security protocol. WPA2 is used to protect most WiFi connections in the world as it is the safest method available on a large scale.
And since security is the topic of this short article, I remind you that when you connect to a public or free WiFi network you need to pay close attention. Indeed, it is normally not recommended to connect to a free WiFi hotspot, to avoid repercussions on your privacy.
To protect your identity while using a public WiFi network it is important to use a VPN as described in this article by Anonymster. I strongly recommend a thorough reading.
How can I protect my data if WiFi is not secure?
The fact that WPA2 encryption has been violated is alarming news and concerns many entry level devices, but there is no reason to panic.
In essence, the researchers detected a bug in the Wi-Fi standard that leaves wireless traffic vulnerable to potential eavesdropping. In other words, anyone could use this “flaw” to see what you are doing on the internet and extract sensitive data such as credit card numbers, passwords, chat messages, e-mails, photos and more.
Fortunately, many devices have now been repaired or updated to fix the bug. And in any case, it is usually not only WPA2 that acts as a security measure between a hacker and your data.
To begin with, a Wi-Fi attack must be launched within the reach of the network in question, but it’s likely that you’re sending a large amount of information on the Internet that is already encrypted, which means the hacker can’t read it anyhow.
The https protocol used on many Web sites adds this additional level of protection as well as, for example, the use of a VPN service such as NordVPN or Hidden24.
For this reason you should pay particular attention to the green padlock icon in the browser address bar. If the padlock is not visible, it means that the site is not using the https protocol and there is the possibility that all the data entered are visible to others.
So if you are going to make an online payment, before entering your details and clicking buy, check that the website in question is really secure.
Returning to various patches and updates, October 10, 2017 Microsoft has run for cover by fixing Windows devices. Even Apple has corrected the vulnerability for macOS and iOS in the same period.
Google released security updates for Android devices in November, so I advise you to consult the Information section that you can find in the settings of your phone or tablet to see when the last update was made.
Wireless routers are updated with less regularity, as are smart home devices. But it’s always worth thinking about manually checking for updates and security patches.
What wireless security standard should I use?
Modern routers usually have a Wi-Fi password set by default and is used by various protocols to encrypt data sent over the Web. Here are some terms that you may find useful:
Wired Equivalent Privacy (WEP) was used in 1997 when the 802.11 WiFi standard was introduced. Now considered unsafe and was replaced in 2003 by WPA via the TKIP encryption method.
The TKIP protocol (Temporal Key Integrity Protocol) has also been phased out, but unlike WEP it is still present in most modern routers.
Advanced Encryption Standard (AES) was introduced shortly after TKIP in 2004 along with WPA2, the new and improved WPA standard. Select this encryption level wherever possible, but keep in mind that wireless devices will also need to support it to communicate with the router (most of them will, but some older kits may not work).
Despite the hack described at the top of this article, WPA2 is still considered the best way to protect WiFi. Nowadays, router manufacturers and ISPs generally use WPA2; some use a combination of WPA2 and WPA to ensure compatibility with the widest range of wireless kits.
You may also see an option with the suffix ‘-PSK’ which is the abbreviation for Pre-Shared-Key or Personal Shared Key. If you are offered the choice, choose WPA2-PSK (AES) on WPA2-PSK (TKIP), but if some older devices cannot connect choose WPA2-PSK (TKIP) instead; still uses the latest WPA2 encryption while enabling older devices that might get stuck with TKIP to connect to the router. It could be listed as WPA2-PSK (mixed mode).
How to protect your Wi-Fi
Disable WPS
WPS stands for Wi-Fi Protected Setup, and was created to facilitate the configuration of Wi-Fi connections. It sounds fantastic, but it creates an easier entry point for hackers: an eight-digit PIN is easy to hack with a brute-force attack (brute force attack).
The easiest way to know if you have WPS enabled is to search on your router or on the original product packaging, as it often has a clearly visible logo and a physical button on the device. It’s a good idea to disable it, especially if you think you’ll never use it.
If you are not sure yet, you can access the settings of your router, which you generally access by typing 192.168.1.1 or 192.168.0.1 (or a different address, depending on the ISP and the router manufacturer) in the URL address bar and accessing the router from the Administration Panel.
Change the admin password
Now that you are logged in to your router settings, you will see an option to change the router login details. I advise you to change them, since the procedure is really simple and protects you from anyone who wants to interfere with the router settings.
Some devices (even if they are not usually those provided by your ISP) continue to have a generic username and password. Usually exactly “admin” and “password”. Changing these login credentials (so taken for granted) will make it particularly difficult and almost impossible to hack your router’s import panel.
Tags: protect, WiFi
Leave a Reply