Home / technology / Vietnamese hackers cannot exploit wifi vulnerabilities: expert

Vietnamese hackers cannot exploit wifi vulnerabilities: expert

VietNamNet Bridge – Ha The Phuong, deputy CEO of CMC Infosec, has told wi-fi users not to worry about vulnerabilities in WPA/WPA2 protocol, considered the most secure encryption protocol available today.

vietnam economy, business news, vn news, vietnamnet bridge, english news, Vietnam news, news Vietnam, vietnamnet news, vn news, Vietnam net news, Vietnam latest news, Vietnam breaking news, CMC Infosec, KRACK, ransomware

Mr Ha The Phuong from CMC Infosec

The newly discovered vulnerability comes from the kernel of WPA2 which can be exploited by a new attack method called KRACK. Systems that use Android, Linux, Apple, Windows, OpenBSD, MediaTek, and Linksys all could be affected.

With the vulnerability, wi-fi systems protected by WPA2 in companies or private homes will be just like public wi-fi at cafes, and hackers can attack as if they are using computers on the same networks as the victims.

The newly discovered vulnerability comes from the kernel of WPA2 which can be exploited by a new attack method called KRACK. Systems that use Android, Linux, Apple, Windows, OpenBSD, MediaTek, and Linksys all could be affected.

However, Phuong, a security expert, in an interview with a local newspaper, affirmed that Vietnamese hackers won’t be able to carry out attacks easily, because they need to have special wi-fi transceivers. 

Even if they can steal information, the capacity of data they can decrypt will be limited. If the devices are Linux or Android, hackers will be able to decrypt more information, but the efficiency will still depend on wi-fi routers.

Meanwhile, data on Facebook, Zalo and Google is encrypted on background transmission lines, so the attacks will not really work. 

“In a word, though the vulnerability is serious, it will not be easy to carry out attacks successfully and there is no need to be too worried about that,” he said.

Technology firms applying WPA/WPA2 are still working on a patch version for the vulnerability. Microsoft on October 18 released its patch version. Phuong believes that the vulnerability will also be fixed on other devices.

The question now is whether businesses and users would use the patches. After WannaCry ransomware attack, CMC Infosec discovered that 9,000 hosts at large businesses still had not been updated with patches for the vulnerabilities related to EternalBlue. 

This shows that businesses are still not fully aware of the risk to their information systems.

Though advising users not to worry about KRACK, Phuong said it is necessary to apply measures to avoid risks.

First, businesses and organizations should avoid the use of wi-fi to transmit important data, if possible. It would be better to use wired networks, VPN or 3G/4G.

Second, it is necessary to regularly update security patches on wi-fi routers and terminal devices soon after manufacturers release the patches. The updating of patches for receivers will protect users from attacks. Third, businesses and organizations need to be ready with data backups, and regularly check their systems.

RELATED NEWS

Users vulnerable to hackers’ attacks when using public wi-fi

Ministry to crack down on the sale of illegal SIM cards

Buu Dien

About admin

Check Also

“Digital Integration of assets is key for digital transformation success”

SINGAPORE. 14 November 2018 – This was the message from Neural Technologies’ VP of Marketing ...

Leave a Reply

Your email address will not be published. Required fields are marked *