Over the last week KRACK attacks have been the topic on everyone’s radar. KRACKs, or key reinstallation attacks, target a vulnerability of the WPA2 security protocol. This allows hackers to access private information on what should be secure networks.
What KRACK can mean for you/security risk
Using what is known as a ‘man-in-the-middle’ technique, your WiFi can be attacked and information on your devices accessed. Any device using the WPA2 security protocol is susceptible to this kind of attack. Given that WPA2 is the current standard for WiFi security, it’s a big problem.
What you can do
There are several things you can do to protect yourself from this kind of attack. A short-term solution before you are able to update devices, or if a patch hasn’t yet become available, is to turn off your WiFi and use your mobile network instead. Especially whilst in public spaces as this is where you will be the least secure.
Perform security updates on your devices once the patches have become available. Windows Central has published a list of companies who have issued patches. Contact your vendor or IT support provider for more information.
Using HTTPS in a URL for web browsing (instead of HTTP) adds an additional layer of security as information is encrypted and cannot be accessed.
You can also update the firmware of your router or access point. Setup Router outlines the importance of doing this. KRACK operates by interfering with the 4-way handshake which WPA2 uses, however, new patches mean you can continue to use WPA2 more securely with minimal device reconfiguration.
What your IT provider should do for you
If you have a managed WiFi service with your IT support provider; they should be handling this for you, updating your devices, and keeping your system up to date and secure.