RALEIGH, N.C. (WNCN) – Tech companies are scrambling to fix a newly discovered problem with WiFi.
A problem that will allow hackers to steal your information by hijacking your signal.
They can do it even if you are taking all the right security measures at your end of the WiFi connection.
“This is a system wide problem where anything connected with WiFi will have this vulnerability,” says Rob Downs, the CEO of Managed IT Solutions in Raleigh.
The problem is so acute, it caught the attention of Homeland Security whose Computer Emergency Readiness Team is coordinating efforts to fix it.
WiFi users like Tahniya Sweatt of Raleigh are concerned about the problem.
“I don’t like you telling me that information,” she says. “That scares me. That really scares me.”
The vulnerability that was uncovered allows a hacker to hijack your password protected and encrypted WiFi signal and do things like insert a fake Facebook page on your device asking you to log in with your credentials.
That allows criminals access to places you’d never suspect, Downs said.
“Lots of people use their Facebook username and password for other sites, including banking sites,” he says.
Once the hackers have your username and password “they more than likely can use it for other sites,” says Downs.
The problem was discovered last July by Mathy Ivanhoe, who’s a postdoctoral researcher at the Catholic University of Leuven in Belgium.
Downs says the problem was supposed to kept under wraps while developers worked to devise a patch, but somehow the word got out early.
Microsoft has already created a patch for Windows 7-10, so devices running those systems are safe.
But, Apple and Android are still working on a fix for their operating systems.
And then, there’s all the things in your home with internet connectivity.
“Anything that talks to WiFi can be a problem,” says Downs.
“If you have a smart TV, a Nest thermostat or camera, all that will all have to be patched,” he says.
In other words, the usual fixes on your end won’t stop this hack.
“Changing your password on your WiFi won’t help,” says Downs.
The best advice, for the time being, is to avoid all public WiFi – especially password-protected ones in places like airports, coffee shops, and hotels.
You need to check on your internet connected devices at home to see if the manufacturers have updated them with patches. Many devices will auto update when their maker sends a patch, but it’s a good idea for you to check with the maker to be sure.RELATED LINKSHomeland Security’s technical analysis of the WIFI Vulnerability, including a list of vendors whose hardware is affectedIvanhoe’s research paper detailing the vulnerability