What is the KRACK WiFi Vulnerability?

KRACK is a vulnerability found in the WPA2 (WiFi Protected Access 2) security protocol. KRACK is short for Key Reinstallation Attacks. Basically researchers found a way that an attacker can decrypt data sent over the normally (relatively) secure WPA2 protocol.

Because WPA2 is nearly ubiquitous across WiFi networks this is a big deal. While the safest way to address this is to use a wired ethernet connection, that isn’t very feasible given how many people rely on wifi connections nowadays. Case in point: the MacBook Air doesn’t even have an ethernet port to use. The vulnerability was announced on Monday October 16 and it is still early days as the security community scrambles to understand, and patch, the vulnerability. Here are some early actions to take – not perfect but will improve your cybersecurity given this announcement.

What to do:

Use a VPN

Use a VPN from home, office and all WiFi hotspots to encrypt your traffic through the VPN tunnel. Consider Encrypt.me, ProtonMailVPN or NordVPN. For Enctypt.me you can set it to only connect via secure connections using the Overcloak feature.

Use HTTPS Everywhere

In general it helps to send your traffic over the secure HTTPS protocol instead of HTTP. It’s not perfect as attackers can still use the SSLStrip script to bypass this protocol but it’s pretty unlikely a freelancer would be targeted by this attack. Use the HTTPS plugin by the Electronic Frontier Foundation.

Update your operating systems

Update your operating systems now and keep updating through when vendors and operating system owners have a patch ready. Microsoft has already issued a patch but the Android operating system is particularly vulnerable and a patch is not yet available. This is a high priority issue so we expect Android to prioritize pushing a patch soon.

For additional resources and updates, read these articles: