Protecting Against KRACK

protecting against KRACK

Suddenly WiFi security is in the headlines around the world. Why? It was recently discovered that WiFi connections are no longer secure because of a vulnerability in WPA2, the protocol that we all use to communicate with wireless access points.

According to the official website, an attacker within range of a victim can exploit these weaknesses using Key Reinstallation Attacks (KRACK). As a result, IT admins all over the world are scrambling to protect against KRACK.

The Dangers of KRACK

WiFi security KRACK

The KRACK security vulnerability affects just about all devices that are using WiFi. This is one of the reasons that IT organizations are so worried. Just about every mobile phone, tablet, laptop, and desktop computer could be affected with the vulnerability.

Like many other serious security holes, it is critical for IT admins to take this seriously and execute on the remediation steps for KRACK. In this case, as in many others, the remediation is to patch devices.

Most OS vendors have already issued patches and those devices that are set for automatic update should be already receiving the fixes. For those situations where IT admins are on the hook to patch machines, they will want to start that process.

Best Practices for Protecting Against KRACK

top 5 security practices

  • Install the latest updates for all of your devices.
  • Avoid using public WiFi to transmit sensitive information.
  • Leverage HTTPS encryption.
  • Implement a Virtual Private Network (VPN).
  • Employ a RADIUS Server.

You can read more about these five best practices for improving your WiFi security posture here.

Protecting WiFi Beyond KRACK

Wifi authentication

WiFi security, though, isn’t just about protecting against KRACK. The issues are more significant than just a single vulnerability.

WiFi networks have been notoriously insecure since their inception. Perhaps the most significant issue has been the concept of a shared SSID and passphrase. These shared credentials are the way that employees, guests, and others access the WiFi network.

Of course, we know that shared credentials are a significant risk point. As users come and go, the somewhat private shared credentials make their way out into the public and (Read more...)

*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at:

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.

vince-lujan has 172 posts and counting.See all posts by vince-lujan