Danger, Will Robinson!
Within the last week, the tech media has been obsessed with spreading fear about a new and potentially very dangerous attack against all Wi-Fi networks. The so-called “Krack attack” is certainly something you should be aware of, but it is not the doomsday end-of-the-world scenario bloggers and news reporters would have you believe.
What is Krack?
Security researchers (you know, those university guys with the pocket protectors) have found a theoretical flaw in how Wi-Fi routers handle encryption – the process of scrambling everything that is transmitted between each device on a Wi-Fi network and the Wi-Fi router/gateway that connects to the Internet.
They have proven, in the lab, the flaw exists and can be used to break into a Wi-Fi network by forcing it to disable all the encryption. So far, no actual attacks of real networks have been detected, but this is considered likely at some point soon.
Don’t Worry, Be Happy
Here’s the most important thing – the attacker/vandal/criminal must be physically within range of your Wi-Fi radio signal. For a typical house, the Wi-Fi is mostly inside with only a weaker signal detectable outside for about 5 to 50 feet from your walls.
This means an attacker has to be physically inside your house or very close – like sitting in a strange looking car or van parked right outside your door. Unlike most of the other security problems that have been reported in the past few years, they must be nearby or no go.
A 300 lb introverted nerd sitting in their Mother’s basement in Peoria or a team of highly trained cyber-terrorists working for a unfriendly government entity in hidden building located on the other side of the world cannot even attempt to access your home Wi-Fi network.
Be Safe – Upgrade Your Router and Devices
Nonetheless, it is still recommended to update your Wi-Fi router and all your computing devices. Some router manufacturers have already issued updates, and the rest are working on them. If you have newer product like the Eero Mesh Wi-Fi Routers, the updates will be downloaded automatically – you don’t have to do anything.
For other devices, a straightforward procedure using your web browser or a program on your computer will handle the updating. If you need help, ask someone you trust or hire a computer consultant that knows what they are doing.
Computing devices (PCs, Macs, Linux) and mobile devices (Smartphones, tablets, etc.) should also be updated. Some manufacturers have already issued fixes, others are working on them right now.
Don’t Forget Home Entertainment and Home Automation Devices
Be sure to check your streaming devices such as Roku, Apple TV, Amazon Fire TV, and similar products. Some of these will automatically update, others will need manual action.
You’ll find the biggest discrepancy in Home Automation devices. Some companies and products will be updated, others will be ignored by their manufacturer (especially the unbranded or unknown brand devices). Nest is already working on an update for their popular thermostats and other devices.
Just remember – because of the need for the attacker to be inside your hour or very close outside, you really don’t have to worry a lot about devices that don’t get updated. If you are the tin-foil hat type person then you probably turned off your Wi-Fi a long time ago anyway.)
Consider Enhanced Security Configurations / Equipment
It is certainly worth reviewing your current Wi-Fi equipment and network settings and making changes for better security. If you are still using the Wi-Fi router provided by your Internet company, you may wish to replace it with a high performance and more secure system like the Synology RT2600AC router.
If you have Wi-Fi dead spots, coverage problems, or simply want a Wi-Fi system that is higher performance and utilizes the latest advantages, then an Eero Mesh Wi-Fi network might be just the ticket.
What do you think about the Krack Wi-Fi Threat? Are you worried? Have you already upgraded your router? Let me know what you think