Cybersecurity researchers have discovered a vulnerability in Wi-Fi which means hackers could intercept communications between our devices and the Wi-Fi router.
This flaw could take advantage of vulnerabilities in the WPA2 security protocol, which is used to secure the majority of modern Wi-Fi networks.
The main attack, which the researchers claim is against the four-way handshake of the WPA2 protocol, which is used to create a key for encrypting internet traffic, works by interrupting the third step, in which the encryption key can be resent multiple times.
Once this has been done, the process of encryption is undermined, leaving systems vulnerable.
KRACK could affect devices running the Android, Linux, Apple and Windows, although Android and Linux are thought to be at particular risk.
Read next: The most secure browsers of 2017.
“Everyone using Wi-Fi is vulnerable. The protocol-level weakness impacts both WPA1 and WPA2 protocols (those used to secure both home and enterprise Wi-Fi networks),” says Bob Rudis, chief data scientist at Rapid7.
“Attackers only need to be within signal range of your Wi-Fi networks. No authentication is required.
“Organisations and home users should actively check for patches for their Wi-Fi access points and patch them immediately after a fix has been issued by vendors,” he adds.
To limit the effects of the security flaw, experts advise connecting to Wi-Fi networks via a VPN, monitor networks and apply a security patch where possible.
Read next: Best VPNs 2017.
“All users should use a VPN service when connected via public Wi-Fi or fully ensure they only connect to websites over HTTPS,” Rudis explains.