It’s called the KRACK attack – short for Key Reinstallation Attack – and it could cost you big time.
Or if you’re in a hurry, here’s the deal in plain English: the bad guys can use this to break into your wireless network – to see and manipulate all the traffic between your computer and router. They own you completely with this.
That means they can eavesdrop on your emails, passwords, credit card details and photos of your children.
Depending on how your wireless network is set up, they can also forge your internet traffic. This could mean installing ransomware – where you find all your data encrypted and a message extorting your for payment to get it back.
Or perhaps they might steal your processing power to mine bitcoins: your systems will slow to a crawl and you’ll have no idea why.
So North Korea can just press a button and steal my credit card?
It’s not quite that bad. This is what’s known as a proximity-based attack. That means they need to be in wireless range to hack you.
The bad news is that war drivers on the hunt for vulnerable networks will have you in their sights.
They realise that while QANTAS and the Commonwealth Bank have huge IT departments, freelancers and small suburban businesses tend not to have any IT support at all and will just keep doing what they’re doing until they notice.
It’s not all doom and gloom
The good news is that all the big tech companies realise what a mess this is and are scrambling. Windows and MacOS already have security patches – Google just released a patch for Android a few days ago.
The Fix: UPDATE ALL THE THINGS
You need to update the operating system. If you’re set up for automatic updates then you’ve probably done this already.
If, for whatever reason, you’ve switched automatic updates off – then, for crying out loud, apply the security fixes! They’re important.
So far, so good. The next thing to update is the firmware on your wireless router – firmware is kind of like the operating system that runs the device. This is the piece of the puzzle that most small business owners are liable to miss.
You can update your router’s firmware by logging in to the device’s administration panel with your web browser. If you’re not sure how to do this and can’t find where you left the bloody instruction manual then here’s a guide to help you.
Be Wary of public Wi-Fi
It’s probably a bit much to expect every hotel manager and cafe owner to be on top of this one. So use your mobile data if you can.
If you’re on the road and have absolutely no choice but to connect your laptop to public Wi-Fi to get your work done, then install the https everywhere extension to your browser. This isn’t a complete fix, but it will encrypt much of your internet traffic, so that the bad guys can’t make sense of anything even if they’re eavesdropping.
Consider the rest of your network security
We’ve all been there – business keeps you busy, with a billion and one other things to think about. Network security tends to be a thing you don’t think about until you discover it’s all gone horribly wrong.
So now is as good time as any to spend 2 minutes reviewing the rest of your network security. It could save you so much headache down the road.