News of a major vulnerability within the standard WPA2 protocol has been rippling around the world. IT organizations are scrambling to audit their WiFi security posture in light of this development – and rightfully so. Below, we’ll offer our take on the KRACK WiFi security threat and the steps you can take to improve your security.
What is the WPA2 KRACK Vulnerability?
Essentially, an attacker that is within range of a potential target can take advantage of the vulnerability by using a key reinstallation attack (KRACK). This method allows the attacker to read a large amount of information that was assumed to be encrypted, including passwords, emails, credit card info, and more. This attack works with all modern protected WiFi networks on a wide variety of devices, including Android, Linux, Apple, Windows, OpenBSD, MediaTek, and Linksys (Source).
With this revelation, one thing is certain: until you take action, your WiFi-enabled devices are not safe. Your data is at risk of being read by malicious attackers, and as a result your entire organization’s security is at risk at the moment as well.
5 Steps to Improve Your WiFi Security Posture
With the news of this massive security issue, many are wondering what steps they can take to make sure that they are protected from an attack. While at the time of writing this attack is still very new, there are measures that you can take to help reduce the level of risk around this vulnerability.
#1 Ensure that you keep your devices up to date.
The main target of KRACK is clients, so making sure that you have the most recent software installations is critical. Developers will release patches to help solve or mitigate the issue, and keeping your software up to date is one of the best ways to secure your information.
Note: The most at risk device is Android phones. While everyone needs to be careful and keep their devices patched, Androids have been shown to be very easy to hack with this method. If you have an Android, it is vital that you keep it (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Jon Griffin. Read the original post at: https://jumpcloud.com/blog/auditing-wifi-security-posture-response-wpa2-krack-vulnerability/