Learn tips to determine whether your Wi-Fi network could be affected by Krack and if so, what you can do.
As a business owner, it can be overwhelming to consider all of the potential cyber-threats that could affect your workstations and other internet-connected devices. Recently, a Wi-Fi vulnerability dubbed “Krack” was discovered which caused companies and managed IT providers to assess and fix specific vulnerabilities.
What is Krack?
Krack is a Wi-Fi vulnerability that affects all modern Wi-Fi networks. Most of today’s networks are protected with the Wi-Fi Protected Access II (WPA2) protocol. Researchers found a vulnerability that affects all wireless networks that use this protocol. The flaw allows for anyone to break its encryption and steal data that is traveling between a wireless device and the Wi-Fi network, which could include passwords, data, images, and other confidential information.
The security flaw would also enable hackers to inject malware into websites. Because this vulnerability affects Wi-Fi networks, it could potentially impact a huge number of devices, regardless of operating system.
Requirements necessary for a successful Krack attack
While there is most definitely cause to be concerned about this Wi-Fi vulnerability, a variety of factors would have to be present for an attack to occur. Some considerations:
- SSL connections are not affected – Even if a Wi-Fi network was compromised, many websites and computer programs will send data over a Secure Sockets Layer (SSL) connection. This encryption is completely separate from any connection provided by a network utilizing WPA2. If you’re browsing the Internet, be sure to look for either “https://” in your browser or a lock image in the address bar signifying that your connection is secure. Any time that you’re transmitting confidential information, you especially want to ensure that your connection is secure.
- The attacker has to be in local proximity to your network – This attack cannot be orchestrated remotely. An attacker would have to be within range of your Wi-Fi network to gain access.
- Most Wi-Fi hardware vendors were already aware of this security weakness – Once this vulnerability was found, hardware vendors were notified to release patches to resolve the issue.
- There is no evidence that the vulnerability has been exploited – As of now, there’s no proof that anyone has been able to use this vulnerability to gain access to any Wi-Fi networks.
The Krack vulnerability signals the importance of regular security updates for all devices
When most people think of security patches, they’re thinking of operating system updates that are typically installed automatically from time to time. While these updates are extremely important, they would provide little protection against the Krack vulnerability.
Because this security weakness affects Wi-Fi networks directly, companies must also ensure that all of their wireless hardware is protected. This typically involves updating the firmware on wireless routers, access points, and firewalls. If you’re unsure of how to do this, contact an IT professional for guidance.
Unsure of whether your organization is protected against the Krack vulnerability?
If you’re concerned that your organization isn’t protected against Krack, or if you’re worried about other threats and would like to take steps to avoid them, reach out to Network Computer Pros today. Our team can perform a network assessment to spot any security vulnerabilities, including Krack. Our team can be reached at 954-880-0388 or through our online contact form.