Vietnamese Tiếng Việt | Friday, October 19, 2018 | Advertise with Us
Text Size

Vietnamese hackers cannot exploit wifi vulnerabilities: expert

(0 votes, average 0 out of 5)

Ha The Phuong, deputy CEO of CMC Infosec, has told wi-fi users not to worry about vulnerabilities in WPA/WPA2 protocol, considered the most secure encryption protocol available today.

vietnam economy, business news, vn news, vietnamnet bridge, english news, Vietnam news, news Vietnam, vietnamnet news, vn news, Vietnam net news, Vietnam latest news, Vietnam breaking news, CMC Infosec, KRACK, ransomware

Mr Ha The Phuong from CMC Infosec


The newly discovered vulnerability comes from the kernel of WPA2 which can be exploited by a new attack method called KRACK. Systems that use Android, Linux, Apple, Windows, OpenBSD, MediaTek, and Linksys all could be affected.

With the vulnerability, wi-fi systems protected by WPA2 in companies or private homes will be just like public wi-fi at cafes, and hackers can attack as if they are using computers on the same networks as the victims.

However, Phuong, a security expert, in an interview with a local newspaper, affirmed that Vietnamese hackers won’t be able to carry out attacks easily, because they need to have special wi-fi transceivers. 

Even if they can steal information, the capacity of data they can decrypt will be limited. If the devices are Linux or Android, hackers will be able to decrypt more information, but the efficiency will still depend on wi-fi routers.

Meanwhile, data on Facebook, Zalo and Google is encrypted on background transmission lines, so the attacks will not really work. 

“In a word, though the vulnerability is serious, it will not be easy to carry out attacks successfully and there is no need to be too worried about that,” he said.

Technology firms applying WPA/WPA2 are still working on a patch version for the vulnerability. Microsoft on October 18 released its patch version. Phuong believes that the vulnerability will also be fixed on other devices.

The question now is whether businesses and users would use the patches. After WannaCry ransomware attack, CMC Infosec discovered that 9,000 hosts at large businesses still had not been updated with patches for the vulnerabilities related to EternalBlue. 

This shows that businesses are still not fully aware of the risk to their information systems.

Though advising users not to worry about KRACK, Phuong said it is necessary to apply measures to avoid risks.

First, businesses and organizations should avoid the use of wi-fi to transmit important data, if possible. It would be better to use wired networks, VPN or 3G/4G.

Second, it is necessary to regularly update security patches on wi-fi routers and terminal devices soon after manufacturers release the patches. The updating of patches for receivers will protect users from attacks. Third, businesses and organizations need to be ready with data backups, and regularly check their systems.



Source: Buu Dien - VietNamNet

Maybe You Also Interesting :

» Ransomware GandCrab attacks Vietnam

A large number of Vietnamese businesses are in distress after ransomware GandCrab attacked their computers, demanding a ransom of $400-1,000.

» Vietnamese businesses fear future ransomware attacks

After the May 2017 worldwide cyberattack by the WannaCry ransomware cryptoworm, Vietnamese businesses fear being blackmailed by ransomware again.

» Experts make fuss about ransomware, businesses ignore the danger

Experts have repeatedly issued warnings about ransomware after the WannaCry attack. However, the majority of small and medium sized enterprises (SMEs) don’t...