Every WiFi Network In The World Is Now Non-Secure – WPA2 Encryption Broken.
Researchers from Belgian university KU Leuven have managed to find a way to break WPA2 encryption used as the “strongest” encryption available in WiFi networks. They published their findings yesterday and now the security organizations across the globe are trying to find ways to curb the problem.
Researchers managed to break the WPA2 encryption by using so-called KRACK (Key Reinstallation Attack) attack against the encrypted network. Breaking the network encryption isn’t exactly a trivial one, as it requires installing a WiFi router with fake MAC address and to place that router within the WLAN network’s reach.
Those most in danger now are the corporations that handle sensitive data within their networks and transfer messages within their own WiFi network without further encryption, relying on WPA2-encrypted network.
Thus, security organizations now recommend that everybody who handles sensitive data and transmits that within a WiFi network should start using SSL/TLS (basically, all web connections that are used for, say, intranet, should use https), SSH and VPN connections.
Basically all WiFi networks should now be treated as non-secure and shouldn’t be used to transmit sensitive data within or from them without further encryption.