Almost every Wi-Fi network could have been compromised, according to the US government.
A problem with the WPA 2 standard – used in almost every home Wi-Fi network – means that potentially any network using it could be broken into, according to a new warning. Once that’s happened, anything on the network is exposed, meaning that hackers could snoop on traffic that is being sent over them.
Researchers led by Mathy Vanhoef are due to reveal details of the exploit, known as KRACK, later today. But the US government has already revealed some details, in a warning that suggests the problem could be rife across the entire world.
The US Computer Emergency Readiness Team (US CERT) warned that anyone using the WPA 2 standard is probably compromised, since the issue is at the level of the protocol itself. “Note that as protocol-level issues, most or all correct implementations of the standard will be affected,” it wrote in a warning.
“The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others,” it also said.
Anyone who uses a router for their home network is probably relying on that standard, and any device you connect to it will be doing the sam. The name stands for Wi-Fi Protected Access, and as the name suggests it is the second implementation.
It’s not clear how easy such an attack would be, or how it would be launched – though all of that will presumably be part of the larger reveal of the breach. It’s also not clear whether it’s actually being used yet in the wild, or whether and how existing networks will be able to updated to stay safe from it.