Learn tips to determine whether your Wi-Fi network could be affected by Krack and, if so, what you can do.
As a business owner, it can be overwhelming to consider all potential cyber-threats that could affect your workstations and other internet-connected devices. Recently, a Wi-Fi vulnerability dubbed “Krack” was discovered, which caused companies and managed IT providers to assess and fix specific vulnerabilities.
What is Krack?
Krack is a Wi-Fi vulnerability that affects all modern Wi-Fi networks. Most of today’s networks are protected with the Wi-Fi Protected Access II (WPA2) protocol. Researchers found a vulnerability that affects all wireless networks that use this protocol. The flaw allows anyone to break its encryption and steal data traveling between a wireless device and the Wi-Fi network, which could include passwords, data, images, and other confidential information.
The security flaw would also enable hackers to inject malware into websites. Because this vulnerability affects Wi-Fi networks, it could potentially impact many devices, regardless of the operating system.
Requirements necessary for a successful Krack attack
While there is most definitely cause to be concerned about this Wi-Fi vulnerability, various factors would have to be present for an attack to occur. Some considerations:
- SSL connections are not affected – Even if a Wi-Fi network were compromised, many websites and computer programs would send data over a Secure Sockets Layer (SSL) connection. This encryption is completely separate from any connection provided by a network utilizing WPA2. If you’re browsing the Internet, be sure to look for either “HTTPS://” in your browser or a lock image in the address bar signifying that your connection is secure. Any time you’re transmitting confidential information, you especially want to ensure that your connection is secure.
- The attacker has to be in local proximity to your network – This attack cannot be orchestrated remotely. An attacker would have to be within the range of your Wi-Fi network to gain access.
- Most Wi-Fi hardware vendors were already aware of this security weakness – Once this vulnerability was found, hardware vendors were notified to release patches to resolve the issue.
- There is no evidence that the vulnerability has been exploited. As of now, there’s no proof that anyone has been able to use this vulnerability to gain access to any Wi-Fi networks.
The Krack vulnerability signals the importance of regular security updates for all devices.
When most people think of security patches, they’re thinking of operating system updates that are typically installed automatically from time to time. While these updates are critical, they would provide little protection against the Krack vulnerability.
Because this security weakness directly affects Wi-Fi networks, companies must also ensure that all of their wireless hardware is protected. This typically involves updating the firmware on wireless routers, access points, and firewalls. If you’re unsure of how to do this, contact an IT professional for guidance.
Unsure of whether your organization is protected against the Krack vulnerability?
If you’re concerned that your organization isn’t protected against Krack, or if you’re worried about other threats and would like to take steps to avoid them, reach out to Network Computer Pros today. Our team can perform a network assessment to spot any security vulnerabilities, including Krack. Our team can be reached at 954-880-0388 or through our online contact form.