Wi-Fi Security WPA2 Krack: What does this mean and what immediate steps can you take to protect your staff, friends and family?
Researchers have found a security vulnerability that can compromise almost all Wi-Fi WPA2 devices.
Wi-Fi Security is broken but don’t panic!
Devices that use Wi-Fi talk to each other wirelessly and in order to prevent hackers from stealing or snooping on your data, the devices encrypt the data communication making it secure. The vulnerability is called Krack (short for key reinstallation attacks). It’s a serious flaw in the encryption protocol known as WPA2.
If used in an abusive way Krack can be used to steal sensitive data such as banking details, credit card information, passwords, photos, emails etc. etc.
Don’t panic! So far, this vulnerability has been unearthed by academic researchers. It affects all known Wi-Fi networks including Android, Linux, Apple, Windows and more. The research will undoubtedly help to improve security for all. The UK’s Cyber Security Centre has said that would be attackers would have to be in close physical proximity if they wanted to attack and it (Krack) doesn’t appear to work on websites that are using HTTPs encryption.
How can you stay safe?
Almost all manufacturers will be releasing updates to correct this Wi-Fi security vulnerability. We recommend that you look out for updates and install them on all the wireless devices that you use. It’s important that both the client devices and routers are updated. For home users, you will need to call your ISP and ask them if your router has been updated. For office users, your IT Support team will be able to advise on updates.
Some Wi-Fi manufacturers are ahead of the game and have already released an update. Meraki and Ubiquiti being among the forerunners.
What else can you do?
Consider using cellular data on your phone
Use an ethernet connection
Use a trusted VPN source
Update any IOT Internet-of-Things devices such as CCTV cameras, smart lightbulbs
As always, we advise business owners to ensure their networks are properly looked after by professionals. Ensure you have adequate data protection and cyber security solutions in place.
Please contact us to organise a security review of your network if you are unsure or are not already working with an IT support company.