<p>India’s cyber security agency has asked people to avoid using public Wi-Fi networks following a series of computer security incidents in recent days.<br /><br />The Indian Computer Emergency Response Team (CERT-In) said hackers can use “multiple vulnerabilities in Wi-Fi protected access and steal passwords and credit card information from users of public Wi-Fi networks in airports or railway stations.<br /><br />“Multiple vulnerabilities are reported in Wi-Fi Protected Access II (WPA2) protocol implementations, which could be exploited by an attacker within the wireless communications range,” the CERT-In has said in its warning.<br /><br />It further said the hacker could use the vulnerability to attack devices using methods like arbitrary packet decryption & injection, TCP (transmission control protocol) connection hijacking, HTTP (Hypertext Transfer Protocol) content injection, or various replay attacks.<br /><br />An attacker within the wireless communications range of access point (AP) or client could exploit multiple vulnerabilities in 4-way handshake in WPA2 protocol “to manipulate the handshake traffic, to induce nonce and session key reuse, resulting in key reinstallation by a victim wireless AP or client”, the note from the CERT-In — functioning under the Ministry of Electronics and Information Technology — said. If he succeeds, the attacker could get credit card numbers, passwords, chat messages and emails.<br /><br />“Using a virtual private network and wired networks are safe as it will encrypt all traffic. Avoid public Wi-Fi at all costs”, it said adding that “Use a wired network if your router and computer both have a spot to plug in an Ethernet cable.”<br /><br />Following a number of security incidents in India recently, the CERT-In increased the threat level of public Wi-Fis to high.<br /><br />Earlier this week, the US-CERT announced the presence of a major fault (bug) in WPA2 encryption used in Wi-Fi log ins.<br /><br />*Says major flaw in Wi-Fi security system would allow attackers to steal info<br /><br />*Recommends use of Virtual Private Network or wired network<br /><br />*Earlier this week, US-CERT announced the major flaw in Wi-Fi security protocol<br /><br /> </p>
<p>India’s cyber security agency has asked people to avoid using public Wi-Fi networks following a series of computer security incidents in recent days.<br /><br />The Indian Computer Emergency Response Team (CERT-In) said hackers can use “multiple vulnerabilities in Wi-Fi protected access and steal passwords and credit card information from users of public Wi-Fi networks in airports or railway stations.<br /><br />“Multiple vulnerabilities are reported in Wi-Fi Protected Access II (WPA2) protocol implementations, which could be exploited by an attacker within the wireless communications range,” the CERT-In has said in its warning.<br /><br />It further said the hacker could use the vulnerability to attack devices using methods like arbitrary packet decryption & injection, TCP (transmission control protocol) connection hijacking, HTTP (Hypertext Transfer Protocol) content injection, or various replay attacks.<br /><br />An attacker within the wireless communications range of access point (AP) or client could exploit multiple vulnerabilities in 4-way handshake in WPA2 protocol “to manipulate the handshake traffic, to induce nonce and session key reuse, resulting in key reinstallation by a victim wireless AP or client”, the note from the CERT-In — functioning under the Ministry of Electronics and Information Technology — said. If he succeeds, the attacker could get credit card numbers, passwords, chat messages and emails.<br /><br />“Using a virtual private network and wired networks are safe as it will encrypt all traffic. Avoid public Wi-Fi at all costs”, it said adding that “Use a wired network if your router and computer both have a spot to plug in an Ethernet cable.”<br /><br />Following a number of security incidents in India recently, the CERT-In increased the threat level of public Wi-Fis to high.<br /><br />Earlier this week, the US-CERT announced the presence of a major fault (bug) in WPA2 encryption used in Wi-Fi log ins.<br /><br />*Says major flaw in Wi-Fi security system would allow attackers to steal info<br /><br />*Recommends use of Virtual Private Network or wired network<br /><br />*Earlier this week, US-CERT announced the major flaw in Wi-Fi security protocol<br /><br /> </p>
