Secure WiFi Response to KRACK

The Key Reinstallation Attack (KRACK) on WiFi has been in the headlines recently. For those who haven’t heard, KRACK targets the WPA2 protocol – the protocol internet-connected devices leverage to communicate with wireless access points (WAPs).

Unfortunately, the KRACK attack happens on the device itself, outside of authentication and most modern network security best practices. That is why JumpCloud was quick to respond to the KRACK vulnerability to teach our customers how to secure WiFi in response to KRACK.  

What is KRACK?

Since the KRACK vulnerability exists on the device level, not the network, we must be mindful that the attack is happening beyond the scope of authentication and network security for wireless capable devices.

KRACK is effectively a man-in-the-middle attack, in which the bad guys broadcast a rogue wireless signal that appears to victims as the real network they are trying to join. Once connected, attackers have the ability to install an encryption key onto user devices.

The result is that all wireless traffic that was previously assumed to be safely encrypted by WPA2 is now transmitted as plain text viewable by attackers. This information can literally be anything transmitted over WiFi including passwords, credit card information, social security numbers, photos – essentially anything you don’t want the bad guys to have.

The good news is that the fix for KRACK is simply patching the device. Most IT companies and service providers have already pushed updates to protect against KRACK. That means that as long as users update their devices, they will likely be safe from the KRACK vulnerability.

Securing WiFi beyond KRACK

While the KRACK vulnerability can be easily remedied in most circumstances, it is important that we all use this as an opportunity to start a conversation about the best practices for WiFi security with our friends, family, and peers to ensure that we as a community are doing all that we can to protect ourselves from the bad guys.

The sad truth is that while the KRACK attack has been the most recent headline, it is but one (Read more...)

*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at:

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.
