Security News

WPA2 risks—your top 5 questions answered

Juraj Chrappa, 24 October 2017

With the industry standard for Wi-Fi security now flawed, you need to provide your own protection. Here’s how.

It’s been a big news week in the world of Wi-Fi. The WPA2 security protocol, which for over ten years has been widely regarded as the safest way to use Wi-Fi, was discovered to have a serious security vulnerability. What does this mean for you, for us, and for all those people down at your local coffee shop using an unprotected Wi-Fi network as you read this? The following questions are designed to help us get some definitive answers:

1. What is WPA2 in the first place?

WPA2 is the third evolution of Wi-Fi security protocols. First came Wired Equivalent Privacy (WEP), which was the standard for several years beginning in 1999. In 2003 the Wi-Fi Alliance formally adopted Wi-Fi Protected Access (WPA) as the new standard, and then in 2006 WPA2 officially began its reign as the best Wi-Fi security to date.

2. Since when has it been vulnerable to attacks?

Since always. Incredibly, however, it was just discovered this week. WPA2 uses a security component called a “four-way handshake.” It’s a process that occurs in the first moment a new computer or device connects to a Wi-Fi signal. During the handshake, the Wi-Fi network authenticates itself to the computer and generates a one-time encryption key for the Wi-Fi session. On October 17, a security researcher named Mathy Vanhoef discovered an attacker within the Wi-Fi’s range could use key reinstallation attacks (KRACKs) to trick the handshake into reinstalling a used encryption key. Doing this then allows the attacker onto your network, free to use it just as you do, accessing your personal data and possibly injecting some ransomware or malware.

3. Can it be fixed?

Yes, it can be patched: security teams are hard at work developing those necessary patches right now. The patches will fortify the handshake to ensure that each encryption key is used only once, thus preventing KRACK attacks (which may be fun to say, but the experience of one is not). So make sure you keep all of your devices updated—your computers, smartphones, home routers, and any other Wi-Fi-enabled devices you may have. Some vendors reacted quickly and already released security patches. For those not there yet, download the next software updates as soon as they are available.

4. Do I need to take any additional protective measures?

We strongly suggest you do. The smartest way to use Wi-Fi safely is to utilize a virtual private network (VPN). It protects your privacy online and ensures you are using an encrypted channel. VPNs are essential if you spend any time on public Wi-Fi networks—in coffee shops, airports, hotels, etc.—but they also protect you at home. Your web browsing should be for your eyes only, not for any hacker that can infiltrate your unprotected network.

5. Is Avast SecureLine VPN a strong solution?

Yes, it is. Avast SecureLine VPN gives you real privacy, hiding your online activities from hackers, advertisers, and even your own internet provider. You won’t be tracked, and your data won’t be stolen. We use bank-grade encryption to keep you safe on any network. Plus, because Avast SecureLine VPN makes you anonymous and hides your IP address, locality-limited content blocks don’t affect you. And while some VPNs can slow down a system, we are constantly upping the server speed and performance of Avast SecureLine.

This WPA2 discovery rocked the digital world, but there’s no need to panic. The solutions are out there. Keep all your software up-to-date, and use a VPN for all your Wi-Fi needs. Remember, your online privacy is not your privilege, it’s your right! Take the necessary steps to keep yourself safe by downloading Avast SecureLine VPN today.