" />
Technology

What WiFi’s KRACK attack means for you and what you can do about it: interview

What WiFi’s KRACK attack means for you and what you can do about it: interview

Day after day, America is faced with a long list of growing cyber threats. In light of recent hacks, leaks, and general cyber attacks, it is no wonder that cybercrime is America’s new number one fear.

Unfortunately, it would appear that a newly discovered threat has reared its ugly head, giving us another reason to act with caution when connecting to WiFi.

Last month, cybersecurity watchdogs and researchers expressed deep concern regarding a new threat, warning WiFi users of the potential dangers associated with the recently discovered security flaw named KRACK. This weakness could allow hackers to read information thought to be encrypted, or infect websites with malware.

To get a better understanding of the situation and how to tackle this problem we spoke with Leonardo Cooper, CEO of VaultOne, a cybersecurity company that strives to keep business safe in the face of today’s ever-changing cyber landscape.

wifi krack

Leonardo Cooper

I understand that last month a new threat to WiFi security was discovered. What does this mean for those of us using WiFi?

Yes, KRACK, which was one of the latest discovered vulnerabilities in WI-Fi. Now, because this flaw is on the WI-Fi’s most used security protocol (WPA2), it means that almost everyone connected to a WI-Fi network is affected.

What can happen to us if someone was to take advantage of this flaw?

An attacker can eavesdrop all of your network traffic and also hijack your connections, meaning the attacker would be able to steal your passwords, emails, photos, credit cards, and everything you do on your computer or smartphone, and at some extent even infect your computer with a malware.

Do you think technology companies should do more to protect us from flaws and hacks, or do you feel that responsibility lies with the user?

I think both, technology companies should commit to updating their products more frequently, and this also includes their legacy products as well. Also, it is important to adopt best security practices when developing their products, everything should be protected nowadays.

The user also plays an important role in security, because end-user security is always a tradeoff with convenience, as users we should balance this wisely.

What advice would you have to help readers protect themselves while accessing WiFi?

First and most importantly, update all your devices, everything that has a WiFi chip: smartphones, routers, TVs, refrigerators, printers, computers and so on. Also, make sure there is an update available for those devices that address this issue particularly.

Second, avoid public WI-Fi networks, they were insecure before KRACK and they are insecure after. WPA2 is a far from perfect protocol and it can allow an attacker on the same network to sniff your traffic. Prefer your mobile data plan instead of a public WI-Fi network.

And third, if you are in charge of choosing your router’s WI-Fi password, choose a really long one.

What does this new WiFi threat mean for IoT devices that use WiFi?

IoT devices are usually the forgotten ones in our home, we think they “just work”, but the fact is that they need as much our attention as the other devices, like computers and smartphones.

I understand you have worked in cybersecurity for large corporations and governments. Is WiFi security something to be seriously worried about for these types of organizations?

Yes, it is, and they are, even before KRACK, WiFi security had a long history of vulnerabilities, and the current protocols are not good enough to protect their data.

Organizations are boundary-less now, their data are in multiple places and at the same time, the employee takes the company is his pocket, to home, to the cafe, on the go, and they also connect to the organization from those places, that is why most of the companies have this another layer of security called a VPN.

From your experience, what is the most common type of hack or breach that large corporations and governments receive?

From my own experience, I can tell you the most common breach is related to leaked privileged credentials (passwords and keys) that access important servers and services, and it happens due: phishing, careless storage, non-authorized sharing, or internal stealing.

On a slightly more cheery note, with regards to WiFi, what are you really looking forward to seeing develop from this technology over the next five years?

I would like to see a new WI-Fi protocol, one that could easily differentiate user-based connections from machine-only connections, that way we could more effectively authenticate users and monitor behavior. We also need abetter protocol that makes sure we are safe in public WiFi networks (cafes, airports, etc.).

View Comments (1)

1 Comment

  1. Jay Lang

    November 22, 2017 at 9:23 AM

    Very good information. Kind of figured it was only a matter of time before criminals made easy work of our WiFi networks; they are like goldmines. Thanks for keeping us updated and aware.

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

Sam is an energetic and passionate writer/blogger, always looking for the next adventure. In August 2016 he donated all of his possessions to charity, quit his job, and left the UK. Since then he has been on the road travelling through North, Central and South America searching for new adventures and amazing stories.

More in Technology

Twenty years ago we were more than willing to sit patiently through the first three minutes of our cousin’s self-made high school video and see the fluorescent words rolling unsteadily over the black screen.

If your video doesn’t capture audiences in 10 seconds, you’re losing engagement

Kwinten WoutersDecember 15, 2017

Living In an Urban Jungle: How Cities are Impacting our Brains and Sleep

Sam Brake GuiaDecember 14, 2017
decoded developer open source

DECODED Profiles: developer evangelist Tessa Mero on building open source communities

Tim HinchliffeDecember 13, 2017
bitcoin users

Britain’s spy agency says it is monitoring Bitcoin to find out about risks

Mathew Di SalvoDecember 12, 2017
Coding Autism -The Sociable

Coding Autism: the startup empowering autistic adults in the tech industry

Jess RappDecember 12, 2017
stock performance prediction

Stock performance prediction prototype shows 62% accuracy using NLP, Deep Learning

Tim HinchliffeDecember 11, 2017

QUBED enabling Millennials to fulfill their passions

Markus SkagbrantDecember 7, 2017
AI, Musk, neuralink, healthtech, neurotechnology

Nexeon’s neurotechnology in the fight against our aging bodies

Ben AllenDecember 7, 2017

netTALK launches ezLINQ enabling users to connect landlines, TVs to the internet

Markus SkagbrantDecember 6, 2017