Ngoc Minh in Hanoi was surprised after reading the news that WPA2, which is used to protect nearly all wi-fi connections, can be broken, thus disclosing users’ information.
Minh usually goes to a café, where he can enjoy the airy space and work on his laptop with free wi-fi. Even when he goes to the office, he will use a laptop instead of the desktop computer.
Most Wi-Fi connections use WPA2, the most secure encryption protocol available today. However, this protocol has been broken by the Krack technique, according to research by Mathy Vanhoef.
If hackers are within the reach of the same wi-fi network that users are accessing, they will be able to use a technique to read information transmitted such as passwords, chat messages, emails and pictures.
The habit of using public wi-fi for free and lack of security awareness among Vietnamese have made it easy to steal users’ information. |
Experts say Krack is the first attack technique in the last 15 years which can break WPA/WPA2, which is considered very safe.
Hackers can decrypt users’ wi-fi connections to find out which websites they are accessing and with whom they are chatting. They can also inject viruses to penetrate more deeply into users’ computers.
“This is a serious vulnerability because hackers can read sensitive information using wi-fi, even if their wi-fi uses WPA2, the best one now,” said Nguyen Minh Duc, CEO of CyRadar.
“The area to be affected could be very large. Google’s Android and Microsoft’s Windows all could be affected,” he said.
According to Duc, firms have been warned about the vulnerability and they are developing patching versions. However, users need to be cautious when accessing the internet and updating operating systems for their devices.
Nguyen Hong Phuc, a security expert, said warnings had been issued about the risk of having information disclosed because of the Vietnamese habit of using public wi-fi, before the warning by Vanhoef.
In late 2016, Kaspersky analyzed 31 million Wi-Fi hotspots throughout the globe and found 28 percent was unsafe for personal data. The remaining 70 percent seemed to be safer with WPA protocol and attacks depended on other factors, such as the strength of passwords.
In Vietnam, the risk is higher because according to a survey by Avast Software, more than 45 wi-fi access points in Hanoi and HCMC don’t use passwords and any security protocol for routers. Restaurants and cafes tend to set predictable passwords such as 123456789, or their names and addresses.
RELATED NEWS
10 cities in Vietnam where travelers can use free wifi