Preventing a KRACK attack
October 26, 2017 06:27 PM
Brian Willis takes precautions during his working lunches and avoids connecting to public Wi-Fi.
"I use my work phone, which is a hot spot, which is encrypted and can't get through to any information," explained the healthcare worker.
Smart move, considering the newest online threat. KRACK stands for Key Reinstallation AttACK. It exploits a router encryption flaw and forces one-time log-ins to be re-used, giving hackers the chance to decode and steal personal information like passwords, credit card, banking information and even photos.
"Attackers are going to exploit this vulnerability. Public places will be better, possibly more data to steal, but it can happen on any wireless network secured by WPA," explained Adam Dean of GreyCastle Security in Troy.
The best way to protect yourself is not to ignore the updates sent by your provider or device manufacturer. Even though they come out after an incident, installing them ASAP is imperative.
"If you don't patch, these vulnerabilities will exist and the likelihood of it being exploited and your information being stolen increases," added Dean.
Staying ahead of hackers, and the latest attack, is close to impossible, but keeping up with threats to your personal data is not.
"A lot of important information, especially with credit cards. You want to make sure information is safe and not accessible to people who can use it in a bad way," pointed out Willis.
KRACK is different than other cyber threats, because the hacker has to be within physical range of your router, so your home is less susceptible than public Wi-Fi.
Updated: October 26, 2017 06:27 PM
Created: October 26, 2017 05:38 PM
Copyright 2017 - WNYT-TV, LLC A Hubbard Broadcasting Company