- Regions monitor remnants of Cylone Gita
- Fraud victims to contact police
- Thunderstorms loom over Bay of Plenty
- Rethinking trade waste
- Toxic slugs suspected in dog deaths
- A dozen Kaiaua houses uninhabitable
- Prepping for tonight’s high tide
- Evacuations and road closures
- Serious crash in Coromandel
- Sister’s plea: help find my brother
- Waihi high hazard zone ground movement
- Civil Defence issues tsunami warning
- Red Fox cold case re-opens
- Four dead, two injured in Waikato crash
- Serious crash closes Thames highway
Krack attack: NZ wi-fi users warned
Posted at 11:48am Tuesday 17 Oct, 2017
Internet NZ says New Zealanders should avoid using wi-fi following a global software hack.
Weaknesses have been discovered by Belgina researchers that allow attackers to read data that passes between a device and the wi-fi router, and CERT NZ says in some cases, attackers can alter the traffic to change what is displayed to the user.
The attacks, also known as KRACK, also give attackers the ability to inject viruses or ransonware into the website that is being visited.
This affects almost all devices including computers, mobile phones, routers and smart TV.
"If your device supports wi-fi, it is most likely affected," researchers Mathy Vanhoef and Frank Piessens says on the krackattack.com [www.krackattack.com website], which they set up to provide technical information about the flaw and methods hackers might use to attack vulnerable devices.
InternetNZ deputy chief executive Andrew Cushen says plugging in a cable to a home modem or using the data on a mobile device was the best way to keep safe until the vulnerabilities were fixed.
Microsoft’s recent security update resolves the issue, except for Vista and XP, he said.
Mr Cushen says if customers have any doubt they should contact their internet provider or their product manufacturer.
Communications company Spark said it was aware of "a global security vulnerability that has the potential to put all wi-fi networks, and the devices that access those networks, at risk of being compromised".
It was not aware of any Spark customers who had been compromised by the vulnerability to date.
It was talking to device manufacturers to find out when patches would be available for devices, and the process for installing those.
RNZ has contacted Vodafone for comment.