Researchers on Monday disclosed a serious security flaw in the encryption standard that protects tens of millions of consumer, business and government Wi-Fi networks — a hole they said could allow hackers to intercept sensitive traffic, tamper with websites or install malware or ransomware.
The flaw affects a security protocol known as WPA2, one of the most popular ways of securing Wi-Fi networks. The vulnerability affects any wireless device that connects to a network secured with the protocol, according to the research team at KU Leuven in Belgium — a category that includes computers, smartphones and the growing array of internet-connected thermostats, televisions, personal assistants and other devices known as the internet of things.
“In general, any data or information that the victim transmits can be decrypted,” wrote the researchers, who also posted a video in which they used the technique to capture a password entered on Match.com. They added in bold-faced type: “The attack works against all modern protected Wi-Fi networks.”
In some circumstances, hackers can also manipulate data transmitted from a router to a client.
Sen. Mark Warner (D-Va.), who is sponsoring a bill that would impose minimum security standards for internet-connected devices that federal agencies purchase, said the latest news “illustrates the importance of adopting basic hygiene requirements for the rapidly proliferating Internet of Things.”.
“In the past year we’ve seen exploitable vulnerabilities reported in a range of widely-used components, with a vulnerability in Bluetooth impacting potentially 8.2 billion devices and a vulnerability in a commonly-used Wi-Fi chipset impacting nearly a billion devices,” Warner said in a statement.
Under current law, however, patching the Wi-Fi hole would be at the discretion of individual software and hardware vendors.
……..
- Discussion
-
Cyber researchers have revealed a serious flaw with one of the most popular ways of securing Wi-Fi networks https://t.co/puPx3tpGNj pic.twitter.com/Aeh1BIX2zL
— POLITICO (@politico) October 17, 2017
Well, that’s wonderful. My devices all use Wi-Fi.
You must be logged in to reply to this topic.