Remember when you were a youngster, and lived in nightly fear of the monsters dwelling under your bed, or those hiding in the closet? That made it an act of foolishness to swing your legs over the side of the bed and expose munch-able ankles to the demons. Even worse would be to risk opening the closet door at night, to provide a portal for their crossover into the human world.
The only way to safely make it through the night was to stay motionless in bed, fully covered by your charmed-against-monsters favorite blanket, and await the safety of morning sunlight.
Krack
The demons of the night have probably long since retreated from your bedroom – but for adult internet users, they have re-emerged from the shadows, in the form of hackers and cyber attackers, still lurking, still waiting for their opportunity. And sadly, this time they are real – lately, the internet has been buzzing with the recently discovered WPA2 vulnerabilities known as KRACK.
Everyone who listens to the news occasionally, or checks their morning news feed before heading off to work, should be aware of some of the spectacular network breaches against major corporations. In fact, one or more of those violations may even have affected you personally, since several of them have resulted in massive amounts of sensitive personal information being hijacked by criminals. But such headline-grabbing attacks are far from the only depredations being carried out these days on the Internet, nor are the big corporations the only targets.
Small businesses the target of cybercriminals
Cybercriminals are starting to realize that attacks against lots of small businesses can be just as lucrative as a single attack against a major player. Ransomware attacks and other forms of malware breaches can yield significant profits when carried out in volume against small businesses, and now hackers have upped the ante to include attacks against individuals, in the form of breaching devices which are tied to the Internet of Things (IoT). It was recently demonstrated that even using an ordinary Wi-Fi connection can expose you to attack by a smart attacker, in physical proximity.
Wi-Fi Protected Access 2 (WPA2)
Wi-Fi Protected Access 2 (WPA2) is the second, and theoretically stronger, incarnation of security protocols for wireless networks, but it was recently shown to have a vulnerability which allows attackers to modify how the protocol works so that that network traffic can be intercepted. Depending on how a specific network is configured, it would have even been possible for malware to be inserted, without the attacker ever owning or disturbing standard password security, thus evading detection.
This capability makes wireless devices, including all those connected to the IoT, vulnerable to Key Reinstallation Attacks (KRACK), which compromise the encryption component of the WPA2 protocol. Without getting into the technical weaknesses which make this possible, you should know that such attacks are likely whenever a cybercriminal is physically positioned close enough to a device on a Wi-Fi network so that the signal can be intercepted and manipulated. What all this means for devices connected to the IoT, is that they would need to have software or firmware updates which close up the vulnerability to KRACK attacks. The affected manufacturers have begun issuing patches to address the problem but remember that you don’t have to only rely on patches – there are other ways to protect yourself.
Are More IoT devices Driving More Cyber Attacks?
The short answer to this is – yes. Cybercriminals are notoriously opportunistic, and the potential ubiquity of IoT devices provides merely endless possibilities for security breaches. Just “listening in” on such network traffic can provide useful, sensitive information about accounts and other data that can be converted into profits.
The monsters under your bed have grown up with you, and they have now moved into the shadows of cyberspace, waiting to nip at your ankles or to have you barge brazenly into their closet stronghold. And unfortunately, this time they are real – make sure you have a chance to fight them off by arming yourself with a protective blanket.