Wi-Fi failure makes people vulnerable to computer attacks

The flaw was dubbed KRACK, an acronym for Key Reinstallation AttaCK, and it allows attackers to insert a new key into an encrypted connection.

You can spy on devices connected to wireless networks / Photo: Special

A Wi-Fi security breach could leave millions of people using wireless connections vulnerable to cyber attacks, the United States government and experts around the world warned yesterday.

The United States Computer Emergency Response Team (CERT) warned that this flaw in the WPA2 encryption protocol can allow hackers to spy on or hijack millions of electronic devices connected to wireless networks.

“Taking advantage of these vulnerabilities could allow an attacker to take control of an affected system,” said CERT, which is part of the Department of Homeland Security (DHS).

The flaw, discovered by researchers at the Belgian university KU Leuven (Catholic University of Leuven La Vieja), was dubbed KRACK, an acronym for Key Reinstallation AttaCK (key reinstallation attack), because it allows attackers to insert a new “key” into an encrypted Wi-Fi connection.

According to news site ArsTechnica, the find was kept secret for weeks to allow Wi-Fi systems to develop security patches.Wi-Fi failure makes people vulnerable

Attackers can exploit this flaw in WPA2 “to read information that was previously supposed to be securely encrypted,” researcher MathyVanhoef said on a KU Leuven blog. “This can be abused to steal confidential information and target all encrypted Wi-Fi networks,” he said.Wi-Fi failure makes people vulnerable