Protect your Wi-Fi network against vulnerabilities like Krack

October 20, 2017

As technology changes and becomes ever more sophisticated, unfortunately, cybercriminals also adapt their techniques. With great technology comes a heightened need for vigilance. One type of threat involves Wi-Fi encryptions at the router. A hacker can use the Krack (Key reinstallation attack) vulnerability in the Wi-Fi Protected Access II (WPA2) protocol to read encrypted network traffic and possibly send traffic back to the network.

Krack can affect both personal (home users, and small businesses) and enterprise networks. The risks to Canadians are that a malicious actor could use this vulnerability to steal sensitive information such as credit card numbers, passwords, emails, chat messages, photos, and possibly more, and also insert malware or ransomware that would make a website unsafe to visit.

It’s important to know that WPA2 remains one of the safer protocols. In addition, the current Krack vulnerability requires relatively close proximity between the attacker and their target The attacker would not be able to connect malicious devices to the Wi-Fi network, nor can they uncover the Wi-Fi password. Krack is also not able to compromise Virtual Private Networks (VPN) or secure online shopping or banking sites that use HTTPS for data encryption.

Manufacturers are aware of vulnerabilities and regularly roll out updates. The best way to keep your devices safe is by keeping them up-to-date. You can also contact your router’s manufacturer for instructions on how to update your router.

For more information about Krack and other alerts, visit the Canadian Cyber Incidence Response Centre:

Follow Get Cyber Safe on Twitter and Facebook.


By submitting a comment, you agree to have Public Safety Canada collect the comment and publish it on this website (comment policy).


There are no comments at this time

Date modified: