Posted by - October 18, 2017

Most of us have been using wireless networks (Wi-fi) daily for years, but you may not know that every one of your wireless devices is currently at risk of being hijacked. Wireless networks previously used a protocol known as WEP, which was insecure, resulting in the creation of WPA2. WPA2 was supposed to protect networks and devices, but we’ve now learned of a new vulnerability nicknamed “KRACK”, which is short for Key Reinstallation Attack.

What KRACK does is it allows hackers to eavesdrop on any compromised network traffic. For this to work, the hacker needs to be within physical range of a device and they can decrypt network traffic, hijack connections, and inject content into the traffic stream. This means you are not threatened by an overseas hacker but, instead, by someone who could be sitting next to you at a Starbucks or outside your office window.

The good news is the connection between you and your bank (and other secured websites) are not at risk. Since those sites use their own level of protection known as HTTPS, the data remains secured between your device and their server.  Additionally, the vulnerability exists at the software level which means it is easy to fix and vendors such as Microsoft have already published a patch for this issue.

So, what should I do?

The most important thing to do is make sure you update all wireless devices with the latest security patches available. This includes your desktops, laptops, routers, wireless access points, and most importantly, your mobile phones.  If you are a business, you should make sure you have a reliable company managing your devices and ensuring patches are continually being applied as they are released. As such, all of Optfinity’s clients are already or are in the process of being updated and protected from this vulnerability.

When out in public, you should always try to use your cellular data network, directly on your phone, or as a password-protected hotspot for your other devices. If this is not possible, make sure to utilize a VPN when connecting through a free Wi-Fi spot (as provided by most cafes and restaurants nowadays) to limit your vulnerability to hacking.

For more information on keeping yourself protected, sign-up for our newsletter or give us a call for a free assessment of your environment. We can be reached at sales@optfinity.com or via phone at 703-790-0400.

2 Responses to “What is the KRACK Attack and Are You Safe?”

  1. Charilyn Cowan

    Thanks for this important info Michael! I’m very glad to have the specifics.

    Reply
  2. Charilyn Cowan

    Can anybody answer a question about iOs 11.1 for iPhone and dangers of KRACK?

    I was cautioned recently (couple weeks ago) against installing Apple update iOs 11 due to some glitches in group texting and some phone functioning.

    Does the KRACK danger in not updating phone’s software overridde the concerns with functionality?

    And is it safe to use the phone and iPad browsers on the cellular network (AT&T), if not home wifi? I use both google & safari on those devices.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *