WiFi security has been in the headlines lately in response to the Key Reinstallation Attack (KRACK). The KRACK vulnerability targets the WPA2 protocol – the protocol modern devices use to communicate with wireless access points (WAPs). With that in mind, organizations should consider having a conversation with their employees about public WiFi in response to KRACK.
KRACK is effectively a man-in-the-middle attack. Attackers broadcast a phony wireless signal that mimics the real network that victims are trying to join. The bad guys then have the ability to install an encryption key on the victim’s devices once connected, which can be used to read information that was previously assumed to be safely encrypted by WPA2.
Protecting Devices from KRACK
The good news is that the fix for KRACK can be as simple as installing manufacturer updates that most vendors have already released in response to KRACK. In most cases, users will be protected if they update their devices.
The issue is that these updates won’t eliminate the KRACK vulnerability; they only patch the security hole on devices that have been updated. That means attackers will still have the ability to breach security on wireless access points that have not been updated or that cannot be updated.
That is why it is critical that everyone uses this attack as an opportunity to consider their overall WiFi security posture and come together as a community to protect ourselves from the bad guys.
Public WiFi in Response to KRACK
With that in mind, we must face some hard truths about WiFi security in response to KRACK. One topic that is critical for organizations to consider is the use of public WiFi.
A lot of people enjoy having the ability to work remotely. Not only has it been proven to increase productivity, but people just enjoy the freedom of working where they want. Despite these advantages, there are a number of serious security drawbacks to this approach – especially with the knowledge of vulnerabilities like KRACK existing in the wild.
In an ideal world, everyone would be aware of KRACK and would have already taken the
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/public-wifi-response-krack/