What is the KRACK Attack and Are You Safe?

The Hidden Threat to Wireless Networks

Most of us use wireless networks (Wi-Fi) daily, but many don’t realize that every wireless device is at risk of being hijacked. Wireless networks initially relied on a protocol called WEP, which proved insecure. This led to the development of WPA2. While WPA2 was designed to protect networks and devices, a newly discovered vulnerability, “KRACK” (Key Reinstallation Attack), has exposed its flaws.

What is KRACK?

KRACK allows hackers to eavesdrop on compromised network traffic. To exploit this vulnerability, hackers must be within physical range of a device. Once connected, they can decrypt network traffic, hijack connections, and inject content into the traffic stream. This threat doesn’t come from overseas hackers but from individuals who could be nearby, such as someone at a cafe or outside your office.

Secured Connections Offer Some Protection

The good news is that connections between your device and secured websites, such as your bank, remain safe. These sites use HTTPS, which adds an extra layer of protection. Additionally, because the vulnerability exists at the software level, fixing it is straightforward. Major vendors, including Microsoft, have already released patches to address this issue.

Steps to Protect Your Devices

Update Your Devices

Ensure all wireless devices have the latest security patches. This includes desktops, laptops, routers, wireless access points, and mobile phones. Businesses should rely on trusted IT management companies to handle device updates and maintain ongoing security. Optfinity has already updated or is in the process of updating all client devices to safeguard against KRACK.

Practice Safe Browsing in Public

When using public Wi-Fi, switch to your cellular data network or use your phone as a password-protected hotspot. If that’s not possible, use a VPN to secure your connection and limit your exposure to hacking.

Stay Informed and Protected

For more information on protecting your devices, sign up for our newsletter or contact us for a free security assessment. Reach us at sales@optfinity.com or call 703-790-0400.