Major WiFi Concerns Uncovered

Major wifi concerns uncovered

UPDATE 30 Oct: Manufacturers are pushing out fixes for many devices now, so you should check on yours. Plus quite a few were prepared before this announcement and had already issued updates. Windows and iOS users are okay – others still need to check.

Worrying news has emerged today for anyone who uses WiFi – which is pretty much everyone!

Security researchers have found a serious vulnerability in the technology used to secure WiFi connections. It’s called WPA2 and is used basically everywhere.

This is news that’s only broken this morning and the IT sector is still digesting the implications and what the possible solutions will be. In fact, the two people who found the flaw in the system are only just, as we write, beginning to reveal the detail of their findings.

As with everything, there’s likely to be a fix, almost certainly via updates to WiFi-enabled devices, but that can only happen once everyone is happy that the fix is just that and not a rushed solution that might be useless – or could even potentially make things worse!

To be clear, when it comes that fix may or may not need to be applied to routers and other connectivity devices, but will certainly apply to any wi-fi connected devices you use, including laptops, tablets, phones, security cameras, TVs, speakers, gaming consoles, Internet of Things devices and anything else you can think of.

Be WiFi Wary for Now

What do we know so far and what can we do about it?

If you use WiFi as your connection, assume your data can now be compromised by an attacker.
If your data is highly sensitive, until we know more, the only way to be truly safe is to switch off WiFi.
You are still safe if you use a hard-wired connection or mobile data, as the latter doesn’t rely on WPA2 (as long as you’re not connecting to the mobile via WiFi as a hotspot).
The attack is not limited to grabbing your login credentials, it can intercept any other kind of traffic too.
Even where websites you connect to use HTTPS (secure) connections, these can be bypassed too, so you should not assume they are safe.
Keep an eye out for software and firmware updates to your WiFi connected devices to ensure you get any fixes for this problem as soon as they come out.
An attacker would have to be on the same base station (i.e. router) as you to use this method of attack, they can’t get to you from just anywhere on the internet.
Be circumspect about what data you access via networks that could be physically joined by an attacker (i.e. they could be nearby and on the same base station). You might want to avoid internet banking, sharing confidential data, etc. If in doubt, wait until you can connect an ethernet cable or use mobile data.
Android devices are especially vulnerable, so take extra care with those.
The method of breaking the WPA2 security has been named Krack Attacks by those who discovered it. You’re probably going to hear that name a lot in coming days.

This is a significant development for everyone. It’s probably one of the biggest IT scares for a long time because its effects could be so widespread.

However, you should keep a sense of perspective. When you’re at home your neighbour is unlikely to be trying this out on you (though be conscious of the computer-literate teenager who wants to test the theory…) and an attacker has to be on the same network. Out in public there is going to be more risk and you have to balance that with being able to keep operating. This will get fixed and you should be consciously looking for those fixes being released for all devices so that you can apply them straightaway.

When we know more about the effects and the likely solutions, we will of course update these pages.

In the meantime, clients who have concerns can raise a support ticket in the usual way.

Are You Exposed Online?

Russian Risk in Popular Anti-Virus Software

Back to Insights

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Major WiFi Concerns Uncovered

Major wifi concerns uncovered

Be WiFi Wary for Now

Be Careful When Scanning QR Codes – There’s a New Scam Going Around!

Be More Productive with these Microsoft Edge Features

5 Cybersecurity Predictions for 2024 You Should Plan For

Is This the Most Dangerous Phishing Scam Yet?

What is Microsoft Security Copilot? Should You Use it?

The Advantages of Contracting with an IT Company Over Break/Fix Arrangements

Cyber Attacks: Stronger, Faster and More Sophisticated

Online Security: Addressing the Dangers of Browser Extensions

The Little Things that make a Big Difference

Workspaces, a VPN and More – Learn the Newest Microsoft Edge Features

And the award for most common phishing scam goes to…

Examples of How a Data Breach can Cost Your Business for Years

Demystifying Data Encryption: Safeguarding Your Digital World

How Small Businesses Can Approach Workforce Technology Modernisation

Which Ransomware Payment Option is Best? (Hint: None)

Top Data Breaches of 2023: Numbers Hit an All-Time High

Bridging the Trust Gap Between Your Employees and AI

9 Tips for Setting Up AI Rules for Your Staff

Don’t Think Your Business is a Target? Think Again

Gamers Beware! Hackers are Targeting You

This New Search Feature in Edge is a Revolution

The Proactive Advantage: Fortifying Business Resilience through Monitoring

Here’s What’s in Store for the Last Ever Windows ‘Moments’ Update

How Can You Leverage the MS Teams Payment App

Microsoft Wants you to Pay for Updates

11 Ways to Responsibly Get Rid of eWaste at Your Home or Office

Are You Ready for Next-Gen Email Security? (YES!)

Beware of These 2024 Emerging Technology Threats

You’re Not Imagining it, Video Calls ARE Stressful

14 Helpful Tips for New Year Digital Decluttering