Wi-Fi security, vulnerability puts all users at risk

Computer security researchers have discovered a flaw in the encryption system of most routers currently on the market

New research, carried out by the U.S. CERT, has discovered a new vulnerability present in most Wi-Fi routers used in our homes that seriously endangers the cybersecurity of millions of users.

Thanks to this flaw, hackers would be able to bypass the Wi-Fi Protected Access II (WPA2) security protocol.

Thanks to this vulnerability, cyber criminals can "insert themselves" in the connection between router and computer and can decide at their will whether to steal data from our PC, install software or redirect us to a particular website, but they can also spy on us and duplicate our multimedia content. According to researchers, the flaw is present in the protocol that is used by users to authenticate themselves within the Wi-Fi network protected by WPA2 (technically called four-way handshake). Some companies seem to have already made security patches for their Wi-Fi routers and access points, but at first millions and millions of users will be at risk of cyber attack.

Failure affecting millions of users

The WPA2 protocol flaw will be presented and discussed on November 1, 2017 at the "ACM Conference on Computer and Communications Security" and, in the following hours, distributed online through the website krackattacks.com. With this move, the researchers hope to entice Wi-Fi device manufacturers to take serious steps to improve the security of users' routers. At the moment, in fact, almost all people who use a router at home or in the office are at risk.

How to defend yourself against the WPA2 vulnerability

For now, the experts' advice is to use your Wi-Fi connection as little as possible, at least until the routers or access points you use receive the security update. Whenever you surf the Net, moreover, it is preferable to use encryption protocols such as HTTPS, so as to protect your data and your communications. In addition, the use of a VPN should protect us, at least in part, from this new vulnerability. A virtual private network, in fact, allows us to keep our information private even when we go online.