Beware! Public WiFi users are vulnerable to cyber attack: Know how to stay safe from KRACK attacks
New Delhi, October 20: Before switching onto public WiFi, beware! Using WiFi hotspot or wireless internet networks at airports or railway stations can put you at immense risk of cyber attack.
The vulnerability quotient of public WiFi in the country is rated ‘high’ by the government agency Indian Computer Emergency Response Team (CERT-in).
According to CERT-in, successful exploitation of these vulnerabilities allows an attacker to obtain sensitive information such as credit card numbers, passwords, chat messages, emails etc.
The government agency apart from advising the people to avoid using public WiFi insisted to use VPN (virtual private network) and wired networks.
The research found that users of Android, iOS, Linux, macOS and Windows devices were most vulnerable to cyber attacks.
Ways to secure your data:
The vulnerability in WPA or WPA2 encryption has been highlighted by the Kaspersky Labs research. Most commonly, it is used to connect to wireless networks. Those attacks are termed as ‘key reinstallation attack’ or ‘KRACK’.
Kaspersky Labs have some tips to stay safe from KRACK attacks:
– Ensure the presence of green lock icon in the address bar of your browser. The lock depicts an HTTPS (encrypted and therefore secure) connection. The browser will be forced to use HTTP versions of websites if someone attempts to use SSL strip against the user. Later on, the lock would disappear. Thus, a connection is secure only when the lock is in place.
-Researchers have warned a few network appliance manufacturers (including Wi-Fi Alliance, which is responsible for standardizing the protocols) in advance of releasing their paper. Therefore, a majority of them have to be in the process of issuing firmware updates which can fix the issue with key reinstallation. Thus, check for fresh firmware updates for your devices and install them as soon as possible.
-By using a VPN, one can secure the connection. This adds another layer of encryption to the data transferred from your device.