What is the KRACK Wi-Fi vulnerability, and should you be concerned?

KRACK stands for Key Reinstallation AttaCK, and is a security flaw discovered in the Wi-Fi encryption protocols WPA and WPA2, used in almost all modern-day devices. This includes your laptop, cell phone and tablet. (Most desktop computers do not have wireless capability.)

The KRACK vulnerability exists when your device first makes its connection to a secured Wi-Fi access point. Step one is for your device and the access point to exchange authentication information, also known as a ‘handshake’. By exploiting this vulnerability in WPA and WPA2, this process can be manipulated to allow a third party to obtain the encryption key. With that, they can execute a ‘Man-in-the-middle’ based attack, and therefore view your data traffic.

Device manufacturers are racing to release patches to fix this security vulnerability.  Among those which are still vulnerable: Apple, Android and Linux devices.  A couple of points below:

  • An attacker needs to be in range of your device and wireless access point to exploit this vulnerability. For a typical wireless router, this is a little more than 100 ft.
  • If you are using a Windows PC running Windows 7 or newer, and your PC is up-to-date on patches, you are already protected.  Microsoft released a security fix on October 10th. If you are a MoseSys managed customer, with our Patch Doctor system you can be assured that your computers have the latest patches and updates.
  • If you are using an Apple or Android device, stay tuned for patches that will be issued soon.  You may consider not connecting to public Wi-Fi hotspots, or possibly using only cellphone network data in the meantime.
  • If your network utilizes a Sonicwall firewall appliance, no changes are necessary.  Sonicwall units are not vulnerable to the KRACK exploit.
  • If you are using a third-party wireless router, consider contacting the router manufacturer to see if they’ve released a new firmware update that fixes the KRACK exploit. Consider doing the same if you are using your cable provider’s router.
  • Make sure your anti-virus, anti-malware, and software firewalls are patched and up-to-date.  For MoseSys customers, this is another area in which you can rest easy, knowing it’s taken care of.
  • ALWAYS practice discretion when using a public Wi-Fi hotspot. Do not transmit sensitive information, and try to use websites that use the HTTPS protocol (or show the little padlock symbol in the address bar).

For more information, see PCWorld’s FAQ:

https://www.pcworld.com/article/3233308/security/krack-wi-fi-security-flaw-faq-tips.html#toc-5
