20 Oct KRACK Wifi Exploit Kills Your Wi-Fi Privacy – Update Every Device
What to do about the KRACK Wifi Exploit
So you’ve seen the KRACK Wifi Exploit in the media… What is it?
The KRACK Wifi Exploit was discovered by KU Leuven researcher Mathy Vanhoef. The flaw is being referred to as ‘KRACK’ – short for key reinstallation attack – and involves exploiting a design flaw in the four-way handshake used by the WPA2 wireless protocol, along with numerous other cryptographic protocols.
This is a serious issue: all types of Wi-Fi devices are likely to be vulnerable, so keep checking with the vendors of your Wi-Fi routers, access points, printers, and so on. Remember that this list increasingly includes security cameras, TVs, smart speakers and other things that we tend not to think of as part of the IT picture.
We commonly find that wireless devices aren’t maintained by end-users, meaning that the latest patches and upgrades aren’t performed. A lot of people avoid even Apple or Microsoft updates, thinking “Oh, I don’t need that, it just takes up space or slows down my computer…”. Unfortunately, 2017 has so far shown that ignoring security updates can be detrimental, with examples such as Petya and WannaCry causing havoc worldwide.
What can you do to protect yourself from the KRACK Wifi Exploit vulnerability?
Look to your router
Your router’s firmware absolutely needs updating. If the router has been supplied by your ISP, ask the company when their branded kit will be patched. If they don’t have an answer, keep asking. You can make sure your router is up-to-date by browsing the administration panel. Find the user guide for your ISP-branded router and follow the instructions to connect to the admin pages.
If your ISP is not quickly putting out a firmware update to fix KRACK, we advise it’s time to replace your Modem/Router/WiFi access point with one from a responsible manufacturer that has already issued a patch.
Apple, Google, Microsoft and other technology companies have been rushing to address issues related to the KRACK Wi-Fi security vulnerability, a flaw that puts any person using wireless internet at risk of being hacked.
If your router doesn’t yet have a fix, and you don’t have a patched WiFi access point that could be used for wireless instead, you could Ethernet into your router and turn off its wireless function until it’s patched (assuming WiFi can be disabled on your router). Turn off WiFi on your device as well so that you’re sure all traffic goes through that sweet Ethernet cable.
Most businesses use a blend of Ethernet and wireless devices. As best practice to protect a business, we implement a separate WLAN using a VLAN to isolate the wireless devices from being able to access the internal business network. We recently attended a new client’s premises after an ex-employee attended their office after-hours, sat outside and accessed confidential data. Once we identified this issue, we implemented new hardware, isolated the wireless network and restricted access for employee devices by only allowing listed MAC addresses to be authorised to access the wireless network.
What about my other Wireless Devices?
Good news! Your devices can be updated to prevent the KRACK vulnerability. Updated devices and non-updated devices can co-exist on the same network as the fix is backward compatible.
So you should update all your routers and Wi-Fi devices (laptops, phones, tablets…) with the latest security patches. PCFIXIT always recommends turning on auto-updates for future vulnerabilities, as this won’t be the last one. Modern operating systems have become quite good at auto-updates, although some devices (ahem, Android) don’t receive a lot of updates and could continue to pose risks. This means your older mobile handset, be it iPhone or Android, will be a security risk.
The key point is that both clients and routers need to be fixed against KRACK so there are lots of potential attack vectors to consider.
So at this stage you’re probably thinking… How do I update my devices? Don’t stress, this is where PCFIXIT comes to the rescue, by being able to implement security updates to devices that have applicable updates. Give our team a call on 07 5522 1120 or 1300 930 179, or you can Book Online or send us an Email.