A security researcher has recently come across a Wi-Fi vulnerability that may possibly be present in every Wi-Fi supporting device built since 1997.
While this seems alarming, especially in today's world where nearly everything is linked to the internet, there's not much to fear. From what the researcher has divulged, in practice, the risks associated with this vulnerability being exploited are very little. To top it off, users can also rather easily protect themselves against these very exploits. However, if executed correctly, the flaw could lead to Wi-Fi connected objects being controlled, which could even lead to the skimming of sensitive user data from personal devices, such as laptops and mobile phones.
But what is the vulnerability, and who came across it? Well, if you're well versed in the subject of cybersecurity, a niche subject as it might be, the name Mathy Vanhoef might be familiar. He's a well known Belgian security researcher, having done notable work in the field of cybersecurity. Particularly, Mr. Vanhoef has been noted for his discoveries of Wi-Fi related exploits and flaws. This latest flaw that he has discovered affects even WPA3 (WiFi Protected Access 3), the most up-to-date security certification composed.
The vulnerabilities collectively have been labelled as FragAttacks, and can be exploited if a user is within radio range of the hacker. Three of these essentially come in the form of design flaws built into the current Wi-Fi standard. The rest have been linked to programming mistakes found in a myriad of Wi-Fi related devices, which leaves them exposed. While WPA3 is definitely affected by this, some of these flaws can be traced down to WEP (Wired Equivalent Privacy), the precursor of the WPA program. Thus, devices from as far back as 1997 can also fall under risk.
An entire video has been composed by Mathy Vanhoef, discussing FragAttacks and the more specific intricacies of how they work and can be exploited. However, there's quite a lot of protection afforded to users as well. Simply by either making sure that they're attending HTTPS websites, or relying on VPNs for online surfing, near complete security against these flaws is extended. And honestly, in this day and age, users are already on their toes and would be taking such precautions in the first place.
Read next: Security Threats linked with recycled phone numbers in the United States
While this seems alarming, especially in today's world where nearly everything is linked to the internet, there's not much to fear. From what the researcher has divulged, in practice, the risks associated with this vulnerability being exploited are very little. To top it off, users can also rather easily protect themselves against these very exploits. However, if executed correctly, the flaw could lead to Wi-Fi connected objects being controlled, which could even lead to the skimming of sensitive user data from personal devices, such as laptops and mobile phones.
But what is the vulnerability, and who came across it? Well, if you're well versed in the subject of cybersecurity, a niche subject as it might be, the name Mathy Vanhoef might be familiar. He's a well known Belgian security researcher, having done notable work in the field of cybersecurity. Particularly, Mr. Vanhoef has been noted for his discoveries of Wi-Fi related exploits and flaws. This latest flaw that he has discovered affects even WPA3 (WiFi Protected Access 3), the most up-to-date security certification composed.
The vulnerabilities collectively have been labelled as FragAttacks, and can be exploited if a user is within radio range of the hacker. Three of these essentially come in the form of design flaws built into the current Wi-Fi standard. The rest have been linked to programming mistakes found in a myriad of Wi-Fi related devices, which leaves them exposed. While WPA3 is definitely affected by this, some of these flaws can be traced down to WEP (Wired Equivalent Privacy), the precursor of the WPA program. Thus, devices from as far back as 1997 can also fall under risk.
An entire video has been composed by Mathy Vanhoef, discussing FragAttacks and the more specific intricacies of how they work and can be exploited. However, there's quite a lot of protection afforded to users as well. Simply by either making sure that they're attending HTTPS websites, or relying on VPNs for online surfing, near complete security against these flaws is extended. And honestly, in this day and age, users are already on their toes and would be taking such precautions in the first place.
Read next: Security Threats linked with recycled phone numbers in the United States
