Whether it is through a desktop computer or mobile phone, most people connected to the internet know about the importance of keeping systems updated. That is why Microsoft rolls out new patches every month like it did this week. But what if the very thing you are connected to has had a flaw since 1997? That is exactly what’s going on right now with certain internet-connected devices.
Here’s the backstory
A security researcher discovered 12 new flaws in Wi-Fi networks, which affect billions of internet-connected devices. Several of the flaws remained undetected since the creation of Wi-Fi all the way back in 1997. Called FragAttacks (fragmentation and aggregation attacks) by Mathy Vanhoef, the vulnerabilities affect all modern security protocols of Wi-Fi and even the latest WPA3 security specification. Vanhoef made a name for himself in 2017 when he revealed the existence of KRACK flaws in Wi-Fi. How bad is the situation? Well, that depends on who you ask and what network setup is being used. Vanhoef explained, through his discoveries, that the flaws are hard to exploit as several very specific things need to happen. This includes using uncommon network settings and user interaction. “The discovery of these vulnerabilities comes as a surprise because the security of Wi-Fi has in fact significantly improved over the past years. The biggest concern are the programming mistakes in Wi-Fi products since several of them are trivial to exploit,” Vanhoef explained in a blog post.
What can you do to protect your devices?
Simply put, a skilled hacker that is within the broadcast range of your Wi-Fi network’s radio signal can attack the network to steal your personal information. Although there are 12 flaws in total, three are design-related in the commonly used Wi-Fi standard. Vanhoef explained that “several other vulnerabilities were discovered that are caused by widespread programming mistakes in Wi-Fi products.” Several of the vulnerabilities allow a hacker to bypass the network’s firewall or NAT settings. This creates an opportunity to attack other devices on the network. Others try to trick a user into using a malicious DNS server. It’s highly recommended that you update your router and all of your device’s operating systems. To update your router: You’ll need to get to your router admin page. This requires the IP address used by your router and the admin password. You can usually find these in the user guide for your router brand, but some sites can help you figure it out if you don’t have this information. Tap or click here for a list of default passwords for 548 router brands. Once you’ve opened your router’s admin page, find a section called “Advanced” or “Management” to look for firmware updates. Download any updates available to bring your system up to date. For best results, you should update your router at least once every three months or so. If there is an option in your router settings that enables automatic updates, make sure to turn it on. This will ensure you never miss a beat in terms of cybersecurity. To update Windows: Click the Start Menu and tap Settings. Click Update & Security > Windows Update. From there, you’ll be able to see if updates are available for download. If not, click Check for Updates to force the process. To update Mac:
On your Mac, click the Apple menu and go to System Preferences.From there, click Software Update.If an update is available, click Update Now.
To update iPhone and iPad:
Plug your device into its charger to ensure the battery doesn’t die during the update.Tap Settings.Tap General > Software Update.If an update is available, tap Download and Install.
To update Android:
Open your phone’s Settings app.Near the bottom, tap System > Advanced > System update.You’ll see your update status.Follow any steps on the screen.
NOTE: Updating your Android could be a different process depending on the device make/model. Check your device manual if you need help. Don’t have your manual anymore? Tap or click here for thousands of free manuals online.
Keep reading
8 Google searches that put your privacy and security at risk Smarter home security: 5 sensors beyond just doors and windows