This was the stark warning issued by Mathy Vanhoef, a researcher at the University of Leuven.
According to the research, fundamental weakness in WPA2 – the protocol that secures all modern Wi-Fi networks – render them extremely susceptible to key reinstallation attacks, or KRAKs.
The repercussions of this are serious and far-reaching: a potential attacker could access anything and everything sent via these networks.
“This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos”, noted Mr Vanhoef.
Data theft is one thing, but what are the consequences when ransomware or malware code is inserted into the data exchange?
In the course of the research, Vanhoef discovered that Android, Linux, Apple, Windows, OpenBSD, MediaTek and Linksys were all affected by some variant of the attacks.
The research makes for uneasy reading for Android users, highlighting that it is particularly easy to intercept and manipulate data traffic sent by these devices.
“50% of Android devices are vulnerable to this exceptionally devastating variant of our attack”, said Vanhoef.
However, there is a glimmer of light. Device manufacturers are sure to take heed and issue a security update to fix the problem. Once this is done, to prevent an attack, users need to update affected devices asap.
Read the research paper here