With the KRACK vulnerability publicized, anyone who uses Wi-Fi-enabled devices may be at risk for sharing unencrypted traffic with potential attackers who bypass WPA2 network security. The WPA2 security protocol is used by routers and devices to encrypt people’s activity. Attackers who want to exploit the newly revealed weakness could steal sensitive data passing over the network including passwords, credit card numbers, chat messages, emails, photos, and the list goes on.

What devices are affected by KRACK?

If your device uses Wi-Fi, it’s likely vulnerable to the KRACK Wi-Fi security flaw to some degree, though some get it worse than others.

How to protect yourself from KRACK’s Wi-Fi flaw?
  • Keep your devices up-to-date – That means that your device can download an update that protects against KRACK and still communicate with unpatched hardware while being protected from the security flaw.
  • Be careful using public Wi-Fi hotspots – even one that’s password protected—stick to websites that use HTTPS encryption. Secure websites are still secure even with Wi-Fi security broken. The URLs of encrypted websites will start with “HTTPS,” while unsecured websites are prefaced by “HTTP.”
  • Use VPN (Virtual Private Network) – VPNs help hide all of your network traffic. Although, don’t trust random free VPNs; they could be after your data as well.
  • Keep Antivirus Software up-to-date – Help protect against potential code injected malware.

In closing, there is no evidence that the vulnerability has been exploited maliciously, and Wi-Fi Alliance has taken immediate steps to ensure users can continue to count on Wi-Fi to deliver strong security protections,” reads a statement published by a Wi-Fi industry trade group. “This issue can be resolved through straightforward software updates, and the Wi-Fi industry, including major platform providers, has already started deploying patches to Wi-Fi users. Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together.”