A significant weakness has been discovered that affects all Wi-Fi users. Key Reinstallation Attack, or KRACK, affects the core encryption protocol that most Wi-Fi users depend upon to shield their browsing from others, Wi-Fi Protected Access 2 (WPA2).
WPA2 has been the standard for securing a Wi-Fi access point, especially for companies. However, WPA2 has a newly discovered loophole that allows a cybercriminal to reuse the encryption keys that are generated when a device and a router connect; this then allows them to intercept the data being communicated between the router and the device. This data could include passwords, credit card numbers, and any other information one would input online. Some networks could even allow data to be introduced from outside (like a website being infected with malware).
Details about the major flaw will be released on November 1st. This gives businesses about two weeks to make sure they are prepared.
Currently, the largest problem is for clients, which means the computers, laptops, and mobile devices are the first priority to update, but network hardware such as access points and routers are important as well.
Fortunately, Microsoft has already released an update to attend to this vulnerability; Android devices will be presenting updates during the coming weeks. Anyone running Windows 10 with automatic updates or has recently installed updates should have the fix. Other devices, including smartphones, tablets, and even your network routers and Wi-Fi access points should also be checked for updates.
Is Your Company Safe from the KRACK WPA2 Vulnerability?
If your business is paying someone to maintain and monitor your entire network, then they should be double-checking all devices to make sure they are patched to prevent this vulnerability. If you don’t have an agreement with an IT company like Macro Systems, this vulnerability could almost certainly affect your business.
If there is any doubt, reach out to us as soon as possible. Macro Systems can help you keep your network patched and up-to-date. For more information, call us at 703-359-9211.