What You Need to Know About the Krack Wi-Fi Vulnerability
This week a vulnerability was uncovered within the WPA2 encryption that most Wi-Fi devices use to connect. The discovery found that if you are connecting your device to a Wi-Fi network using the standard protocol, you can be open to an attack from someone nearby. They don’t even need to be connected to the Wi-Fi themselves to hijack the traffic you are sending over the network.
For example, if you are sitting in a coffee shop using your phone or your computer, and have connected to the Wi-Fi network in the shop, you could be opening your device to an attack. The attacker could do things like take over your web browsing to insert malware or ransomware into the website you are visiting, without compromising the website itself for the rest of the world. Once the malicious payload is inserted into the web browser, it can easily make its way to your device to wreak havoc long after you have left the coffee shop.
Unfortunately, this vulnerability in the protocol not only affects devices like computers and mobile phones, it can affect IoT devices as well. Home and office security cameras could be at risk and the smart lights could open the door for a more broad attack on the network. The broad range of devices this attack can affect is making everyone in the IT industry nervous about how this will play out in the long term.
Most of the major players have already released patches to fix the security risk, including Microsoft and Apple, so it is a good idea to make sure your device is patched right away. For the other devices around your home and office, make sure you check with the manufacturers about how to update the devices, or if there will be replacement devices offered that are already updated.
Eric is the owner and CEO of Protek Support and is a CISSP (Certified Information Systems Security Professional). He graduated from Utah State University with a Bachelors of Science degree in Business with an emphasis in Information Technology (IT). He is an IT Services expert in a variety of technology related fields. Some of these fields include document management software/hardware, enterprise level networking and VoIP phone systems, as well as large scale software implementation projects and the setup of small business networks.