News

Wi-Fi protocol vulnerabilities

Researchers have identified security vulnerabilities in the Wi-Fi WPA2 protocol which may make all Wi-Fi enabled devices, such as mobiles, computers and internet routers, vulnerable to malicious actors stealing sensitive information such as credit card numbers, passwords and emails.

Malicious actors within range of an affected Wi-Fi device may be able to exploit this vulnerability. At this stage there are no reports of this vulnerability being exploited in Australia.

Internet banking and properly configured Virtual Private Networks (VPNs) remain secure due to an additional layer of encryption, which remains sound.

Mitigation advice:

  • Install updates to affected products as soon as they become available. Check with your device vendor on the update status.
  • Add an additional layer of encryption to your communication such as a Virtual Private Network (VPN) and ensure you visit secure HTTPS enabled websites.
  • Avoid using public Wi-Fi networks for sensitive transactions and familiarise yourself with Stay Smart Online advice.
  • Regularly back up sensitive information to a removable device, cloud service, or both.

Good cyber security practices:

Reports help the ACSC to develop a better understanding of the threat environment and will assist other organisations who are also at risk.

Cyber security incident reports are also used in aggregate for developing new defensive policies, procedures, techniques and training measures to help prevent future incidents.

Information for Australian businesses
Information for individual Australian citizens
Information for Federal, State and Local government agencies