A recent flaw has been discovered that could allow cyber criminals to view and steal your information through Wi-Fi Protected Access 2 or more commonly referred to as WPA2. In layman’s terms, if you have a wireless device, a cybercriminal can trick you into reinstalling an already-in-use key. From there they can manipulate, eavesdrop or steal information you thought was secure, such as credit card numbers, banking info and passwords.
This flaw in WPA2 was discovered by security researcher, Mathy Vanhoef of KU Leuven in Belgium. Since 2004, Wi-Fi Protected Access 2 has been the industry standard in encrypting web traffic on Wi-Fi networks to protect users from eavesdroppers. WPA2 networks are used everywhere on every wireless device. This flaw is affects users on a Global level and can provide hackers a ride range of havoc, from intercepting private information and inserting malware or ransomware to manipulating commands such as sending themselves money direct from your bank accounts.
There is good news… The cyber attacker must be in the near vicinity of the Wi-Fi network of his/her intended target. They can not carry out an assault from a distance or by way of cyber travel. This important distinction should not sway anyone from taking precautions as this will affect anyone with a Wi-Fi enabled device. Also, the most current iOS or Windows are not vulnerable, for the most part. This is due to an implementation of the WPA2 standard that prevents the repeated (third) “handshake” message from sending.
For the everyday wireless consumer, stay informed and look for patches from the manufacturers and software developers. Continue to use WPA2 as its protections still outweigh the risks. Install updates for all of your devices as they become available. Most importantly, only share sensitive/secure data on sites with HTTPS encryption.