As your Internet Service provider, EarthLink is committed to keeping you informed of important cyber security events being observed globally. Below our partner Symantec shares information regarding a recent vulnerability that impacts Wi-Fi networks and how you can protect yourself.
Security researchers1 have discovered a major vulnerability in Wi-Fi Protected Access 2 (WPA2). WPA2 is a type of encryption used to secure the vast majority of Wi-Fi networks. A WPA2 network provides unique encryption keys for each wireless client that connects to it.
The vulnerability, dubbed “KRACKs” (Key Reinstallation AttaCKs), is actually a group of multiple vulnerabilities that when successfully exploited, could allow attackers to intercept and steal data transmitted across a Wi-Fi network. Digital personal information that is transmitted over the Internet or stored on connected devices — such as driver’s license number, Social Security number, credit card numbers, and more — could be vulnerable. All of this personal information can be used toward committing identity theft, such as accessing bank or investment accounts without the users knowledge.
In some instances, attackers could also have the ability to manipulate web pages, turning them into fake websites to collect information or to install malware on user’s devices.
What should you do?
Wi-Fi users should immediately update Wi-Fi-enabled devices as soon as a software update is made available. Wi-Fi enabled devices include anything that connects to the Internet — from laptops, tablets, and smartphones to other smart devices such as wearables and home appliances.
Should you change your Wi-Fi password?
No. This vulnerability does not affect the password to your router’s Wi-Fi network. Regardless of if your Wi-Fi network is password protected, this new vulnerability still puts your data at risk because it affects the devices and the Wi-Fi itself, not your home router, which is what the password protects.
Are hackers already exploiting this vulnerability?
Not yet. But as with many newly discovered vulnerabilities, it is only a matter of time before hackers find ways to exploit this weakness to their advantage.
What else can you do to help protect you connected devices while waiting for a software update?
Keep in mind that it may take some time for the manufacturer of your devices to come up with a security patch. In the meantime, there are extra steps you can take to help secure your devices.
We strongly recommend that you install and use a reputable VPN such as Norton WiFi Privacy on all your mobile devices and computers before connecting to any Wi-Fi network. By using a secure virtual private network (VPN) on your smartphones and computers, your web traffic will be encrypted and your data will be safe from interception by a hacker. A VPN creates a “secure tunnel” where information sent over a Wi-Fi connection is encrypted, making data sent to and from your device more secure.
Norton WiFi Privacy uses the same encryption technologies that leading banks deploy, so you can rest assured that your information stays secure and private. You can also browse anonymously and protect your privacy with Norton WiFi Privacy. You can mask your online activities and location with this no-log VPN that encrypts your personal information but never stores your online activity or location.
Additionally, only using HTTPS-enabled websites means your web traffic will also be encrypted by SSL and may be safer from this vulnerability. HTTPS browsing adds an extra layer of security by using encryption via the website you are visiting.
To Learn More go to: http://www.earthlink.net/software/staysafe.html?tab=wifiprivacy or call 1.866.610.0862
Symantec is an EarthLink partner. @2017 Symantec Corporation. All rights reserved.