All WiFi networks 'vulnerable to hackers', says expert

The security protocol put in place to protect the majority of the world's WiFi connections is flawed, potentially exposing internet users to hackers, according to a researcher from Belgian university KU Leuven.

Security expert Mathy Vanhoef has discovered a weakness in the WPA2 protocol known as KRACK (Key Reinstallation Attack), which could allow a hacker within range of a device using WiFi to infiltrate the encryption and steal data.

According to Vanhoef, this method of hacking could be used to breach data security on both business and personal devices, allowing attackers to reach information that was previously considered encrypted such as credit card numbers, passwords and emails.

"The attack works against all modern protected WiFi networks. Depending on the network configuration, it is also possible to inject and manipulate data," Mr Vanhoef said. "For example, an attacker might be able to inject ransomware or other malware into websites."

Mr Vanhoef's research has revealed that a variety of operating systems and devices could be affected by the broken security protocol, including Android, Apple, Windows, Linksys and Linux.

Addressing the vulnerability, Britain's National Cyber Security Centre (NCSC) released a statement suggesting that it would examine the research and put together guidance for individuals and businesses where required.

Their spokesperson said: "Internet security is a key NCSC priority and we continuously update our advice on issues such as WiFi safety, device management and browser security."

Following the release of the research, experts have confirmed that the vulnerability is unlikely to affect the security of information sent over a network that has additional data security in place. However, insecure connections to websites could be at risk until the protocol is fixed or further guidance is issues.