WPA2 and Your Wifi’s Security – Protect Your Business From KRACK
Yesterday, security researchers in Belgium alerted the public of a vulnerability (KRACK) in WPA2, today’s standard for encrypting data over wi-fi networks. WPA2 (WiFi Protected Access 2) has been the most secure option to deter eavesdroppers since 2004. Networks using WPA2 are everywhere and is likely what type of network you connect to everyday in your office or home. If your device supports wi-fi, it is likely affected.
If a hacker is in range of your network, a flaw in WPA2’s protocols can be manipulated to read and steal data that would otherwise be protected. The vulnerability even leaves room for an attacker to exploit data, or add new data in. That means hackers could steal your passwords, intercept your financial data, or even rearrange commands to send your money to themselves.
The “four-way handshake” is where researcher Mathy Vanhoef says the problem lies. This so-called handshake is a four step process that identifies that the user joining a network has all the correct credentials to be allowed in. It is in step 3 of the process where hackers can tamper with or record this step thus allowing them to install an encryption key to gain access to your data or create commands for identity theft.
Because of this handshake, most wi-fi enabled devices are affected, including routers, access points, computers, cell phones and tablets. Internet of Things devices like security camera systems are included in this as well. Anything capable of connecting to wi-fi should be addressed. All of these devices need to be updated and patched, which can be a painstakingly slow process at times. The common advice of resetting your password or getting a new router/device, will not work in this instance. For all of us, we are at the mercy of the manufacturers of each of these products to push out the necessary updates and patches.
The best thing users can do is to install any and all updates available to you on your devices. If you are a TMG All-Covered client, we are already installing necessary patches and updates. We will continue to do so as they become available. If you are not an All-Covered client, contact your router’s maker or your Internet Service Provider for information. Also, until updates are released, consider using ethernet or a wired connection from your computer instead of wi-fi. Consider using cellular data on your phone or tablet instead of wi-fi.
For any questions regarding your coverage against this latest in security threats, call us at 314-822-8090 or email firstname.lastname@example.org