Most of us have been using wireless networks (Wi-fi) daily for years, but you may not know that every one of your wireless devices is currently at risk of being hijacked. Wireless networks previously used a protocol known as WEP, which was insecure, resulting in the creation of WPA2. WPA2 was supposed to protect networks and devices, but we’ve now learned of a new vulnerability nicknamed “KRACK”, which is short for Key Reinstallation Attack.
What KRACK does is it allows hackers to eavesdrop on any compromised network traffic. For this to work, the hacker needs to be within physical range of a device and they can decrypt network traffic, hijack connections, and inject content into the traffic stream. This means you are not threatened by an overseas hacker but, instead, by someone who could be sitting next to you at a Starbucks or outside your office window.
The good news is the connection between you and your bank (and other secured websites) are not at risk. Since those sites use their own level of protection known as HTTPS, the data remains secured between your device and their server. Additionally, the vulnerability exists at the software level which means it is easy to fix and vendors such as Microsoft have already published a patch for this issue.
So, what should I do?
The most important thing to do is make sure you update all wireless devices with the latest security patches available. This includes your desktops, laptops, routers, wireless access points, and most importantly, your mobile phones. If you are a business, you should make sure you have a reliable company managing your devices and ensuring patches are continually being applied as they are released. As such, all of Optfinity’s clients are already or are in the process of being updated and protected from this vulnerability.
When out in public, you should always try to use your cellular data network, directly on your phone, or as a password-protected hotspot for your other devices. If this is not possible, make sure to utilize a VPN when connecting through a free Wi-Fi spot (as provided by most cafes and restaurants nowadays) to limit your vulnerability to hacking.
For more information on keeping yourself protected, sign-up for our newsletter or give us a call for a free assessment of your environment. We can be reached at email@example.com or via phone at 703-790-0400.