{"id":249625,"date":"2021-05-14T13:40:33","date_gmt":"2021-05-14T10:40:33","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/how-to-protect-your-wi-fi-from-fragattacks\/"},"modified":"2021-05-14T13:40:33","modified_gmt":"2021-05-14T10:40:33","slug":"how-to-protect-your-wi-fi-from-fragattacks","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/how-to-protect-your-wi-fi-from-fragattacks\/","title":{"rendered":"#How to Protect Your Wi-Fi From FragAttacks"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a23a721a800e\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a23a721a800e\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-protect-your-wi-fi-from-fragattacks\/#What_Are_FragAttacks\" >What Are FragAttacks?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-protect-your-wi-fi-from-fragattacks\/#Which_Devices_Are_Vulnerable_to_FragAttacks\" >Which Devices Are Vulnerable to FragAttacks?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-protect-your-wi-fi-from-fragattacks\/#What_Can_an_Attacker_Do_With_FragAttacks\" >What Can an Attacker Do With FragAttacks?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-protect-your-wi-fi-from-fragattacks\/#Whats_the_Actual_Risk\" >What\u2019s the Actual Risk?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/buradabiliyorum.com\/en\/how-to-protect-your-wi-fi-from-fragattacks\/#How_Do_You_Protect_Yourself\" >How Do You Protect Yourself?<\/a><\/li><\/ul><\/nav><\/div>\n<p><strong>&#8220;#How to Protect Your Wi-Fi From FragAttacks&#8221;<\/strong><\/p>\n<div>\n<figure style=\"width: 1200px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"type:primaryImage wp-image-728326 size-full\" src=\"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2021\/05\/frag-attack.jpg?width=1200&amp;trim=1,1&amp;bg-color=000&amp;pad=1,1\" alt=\"A man face-palming behind a router with a FragAttack logo.\" width=\"1200\" height=\"555\" data-crediturl=\"https:\/\/www.shutterstock.com\/image-photo\/wifi-router-low-signal-bad-connection-1406063195\" data-credittext=\"Kamil Urban\/Shutterstock.com and Darlee Urbiztondo\" onload=\"pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\" onerror=\"this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);\"\/><figcaption class=\"wp-caption-text\"><span class=\"type:primaryImage imagecredit\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.shutterstock.com\/image-photo\/wifi-router-low-signal-bad-connection-1406063195\">Kamil Urban\/Shutterstock.com and Darlee Urbiztondo<\/a><\/span><\/figcaption><\/figure>\n<p><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.fragattacks.com\/\">FragAttacks<\/a> are a group of security vulnerabilities that can be used to attack Wi-Fi devices. Every Wi-Fi device ever created <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ears vulnerable, making it possible for attackers to steal sensitive data or attack devices on your network. Here\u2019s what you need to know.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"What_Are_FragAttacks\"><\/span>What Are FragAttacks?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Disclosed on May 12, 2021, FragAttacks stands for \u201c<strong>fr<\/strong>agmentation and <strong>ag<\/strong>gregation <strong>attacks<\/strong>.\u201d These are a collection of security vulnerabilities announced together. Three of them are design flaws with Wi-Fi itself and affect most devices that use Wi-Fi.<\/p>\n<p>Additionally, the researchers found programming mistakes in many Wi-Fi products. These are even easier for attackers to abuse than the design flaws in Wi-Fi itself.<\/p>\n<p>The collection of vulnerabilities called FragAttacks were discovered by Mathy Vanhoef, the same security researcher who previously discovered KRACK, an attack on the WPA2 encryption protocol used to secure Wi-Fi networks.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Which_Devices_Are_Vulnerable_to_FragAttacks\"><\/span>Which Devices Are Vulnerable to FragAttacks?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>According to the researchers, every Wi-Fi device ever created appears vulnerable to at least one of the FragAttacks vulnerabilities. In other words, every Wi-Fi device going back to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.reviewgeek.com\/82521\/every-wi-fi-device-back-to-1997-likely-vulnerable-to-fragattacks\/\">Wi-Fi\u2019s first release in 1997<\/a> is likely vulnerable.<\/p>\n<p>That\u2019s the bad <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">news<\/a>. The good news is that this vulnerability was discovered nine months before it was revealed to the public. In that time, many companies have already released security patches that protect their devices from FragAttacks. For example, Microsoft updated Windows with protection against FragAttacks in <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/redirect.viglink.com\/?u=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2Fmarch-9-2021-kb5000802-os-builds-19041-867-and-19042-867-63552d64-fe44-4132-8813-ef56d3626e14&amp;key=204a528a336ede4177fff0d84a044482\">the update released on March 9, 2021<\/a>.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"What_Can_an_Attacker_Do_With_FragAttacks\"><\/span>What Can an Attacker Do With FragAttacks?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>An attacker can do one of two things with FragAttacks. First, in the right situation, FragAttacks can be used to steal data from a Wi-Fi network that should be encrypted and protected against such an attack. (Websites and applications that use HTTPS or another type of secure encryption are protected against such an attack. But, if you\u2019re sending unencrypted data over an encrypted Wi-Fi connection, a FragAttack could be used to bypass the Wi-Fi encryption.)<\/p>\n<p>This highlights the importance of securing data being sent over a network with encryption\u2014even if that data is just being sent between two devices on your local network. It\u2019s also another example of why using HTTPS everywhere is so important for the future of the web. Browsers are slowly shifting away from HTTP and to HTTPS for good reason.<\/p>\n<p>Second, the researchers say that the main concern is that FragAttacks could be used to launch attacks against vulnerable devices on a Wi-Fi network. Unfortunately, many smart home and IoT devices\u2014especially those created by strange fly-by-night brands that don\u2019t provide long-term support for their devices\u2014do not regularly receive updates. A cheap, inexpensive <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.reviewgeek.com\/35008\/the-best-smart-plugs-to-amp-up-your-dumb-devices\/\">smart plug<\/a> or <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.reviewgeek.com\/32929\/the-best-smart-bulbs-for-any-smart-home-setup\/\">smart light bulb<\/a> from an unknown brand may be easy to attack. In theory, this \u201cshouldn\u2019t matter\u201d because that device is on a trusted home network\u2014but FragAttacks offer a way to bypass the Wi-Fi network\u2019s protection and attack a device directly, just as if the attacker were connected to the same Wi-Fi network as the device.<\/p>\n<p>It\u2019s more confirmation of the importance of security updates: The devices you choose to use should be from reputable manufacturers that provide security updates and long-term support for their hardware. This even applies to cheap Wi-Fi-enabled smart plugs. Secure your smart home.<\/p>\n<p><iframe loading=\"lazy\" title=\"FragAttacks: Demonstration of Flaws in WPA2\/3\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/88YZ4061tYw?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<p><strong>RELATED:<\/strong> <strong><em>How to Protect Your Smarthome from Attack<\/em><\/strong><\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"Whats_the_Actual_Risk\"><\/span>What\u2019s the Actual Risk?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>First of all, as an attack against Wi-Fi, an attacker would have to be in the radio range of your network\u2014in other words, in your physical vicinity\u2014to execute an attack that used FragAttacks.<\/p>\n<p>In other words, if you\u2019re in an apartment or a dense urban area, there are more people nearby and you\u2019re at a somewhat higher risk. If you live somewhere without other people around, you\u2019re very unlikely to be attacked.<\/p>\n<p>Corporate networks and those of other institutions that might be high-value targets are clearly more at risk than an average home network, too.<\/p>\n<p>As of the disclosure of these flaws in May 2021, the researchers said there was no evidence any of these flaws are being exploited in the wild. So far, they appear to just be theoretical problems\u2014but the public disclosure increases the risk that people will use them to attack networks in the real world.<\/p>\n<p>So FragAttacks are a problem, but remember, this isn\u2019t a \u201cwormable\u201d attack that can spread like wildfire over the internet\u2014an attacker would have to be near you and target your network to attack your smart home devices or try to capture sensitive data. It\u2019s very important that this flaw is disclosed and that device manufacturers issue software patches for existing devices and ensure future devices are protected, of course. And there are some things you can do to protect yourself.<\/p>\n<h2 role=\"heading\" aria-level=\"2\"><span class=\"ez-toc-section\" id=\"How_Do_You_Protect_Yourself\"><\/span>How Do You Protect Yourself?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Thankfully, standard best practices for keeping your devices and network safe will also help protect you against FragAttacks. Here are the top three tips:<\/p>\n<p>First, ensure the devices you\u2019re using are getting security updates. If you\u2019re still using a Windows 7 PC or an old version of macOS that isn\u2019t getting updates, it\u2019s time to upgrade. If your router is getting long in the tooth and your manufacturer never plans on updating it again, it\u2019s time for a new router. If you have smart plugs or other old devices that aren\u2019t getting firmware updates and likely have security flaws, you should replace them with something new.<\/p>\n<p>Second, install those security updates. Modern devices will <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/general\/\" data-internallinksmanager029f6b8e52c=\"3\" title=\"General\" target=\"_blank\" rel=\"noopener\">general<\/a>ly automatically install updates for you. However, on some devices\u2014like routers\u2014you have still have to click an option or tap a button to agree to install that update.<\/p>\n<p>Third, use secure encryption. When signing in online, make sure you\u2019re on an HTTPS site. Try to use HTTPS whenever possible\u2014a browser extension like <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.eff.org\/https-everywhere\">HTTPS Everywhere<\/a> can help, but it\u2019s much less necessary now that most websites you visit likely automatically use HTTPS if it\u2019s available. Firefox can even be configured to warn you before loading websites that aren\u2019t encrypted with HTTPS. Also, try using secure encryption everywhere: Even if you\u2019re just transferring files between devices on your local network, use an application that offers encryption to secure that transfer. This will protect you from FragAttacks and other potential future flaws that could bypass your Wi-Fi encryption to spy on you.<\/p>\n<p>Of course, a VPN can route all your traffic through an encrypted connection, so it gives you extra protection against FragAttacks if you have to access an HTTP website (or another unencrypted service) and you\u2019re concerned about the network you\u2019re currently using.<\/p>\n<hr\/>\n<p>So that\u2019s it: Use devices that are getting updates, install security updates, and use encryption when connecting to websites and transferring data. Thankfully, FragAttacks aren\u2019t yet being used in the wild.<\/p>\n<p>Of course, people who handle security for corporate IT departments will have a huge job ahead of them in ensuring their infrastructure isn\u2019t vulnerable to these flaws.<\/p>\n<p>For more technical information about FragAttacks, consult <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.fragattacks.com\/\">the official FragAttacks disclosure website<\/a>.<\/p>\n<p>\u00a0<\/p>\n<\/div>\n<p><script>\n setTimeout(function(){\n  !function(f,b,e,v,n,t,s)\n  {if(f.fbq)return;n=f.fbq=function(){n.callMethod?\n  n.callMethod.apply(n,arguments):n.queue.push(arguments)};\n  if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';\n  n.queue=[];t=b.createElement(e);t.async=!0;\n  t.src=v;s=b.getElementsByTagName(e)[0];\n  s.parentNode.insertBefore(t,s) } (window, document,'script',\n  'https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n   fbq('init', '335401813750447');\n   fbq('track', 'PageView');\n  },3000);\n<\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/www.howtogeek.com\/728260\/how-to-protect-your-wi-fi-from-fragattacks\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#How to Protect Your Wi-Fi From FragAttacks&#8221; Kamil Urban\/Shutterstock.com and Darlee Urbiztondo FragAttacks are a group of security vulnerabilities that can be used to attack Wi-Fi devices. Every Wi-Fi device ever created appears vulnerable, making it possible for attackers to steal sensitive data or attack devices on your network. Here\u2019s what you need to know&#8230;.<\/p>\n","protected":false},"author":1,"featured_media":249626,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.howtogeek.com\/wp-content\/uploads\/2021\/05\/frag-attack.jpg?height=200p&trim=2,2,2,2","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-249625","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/249625","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=249625"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/249625\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/249626"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=249625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=249625"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=249625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}