KRACK Wifi Exploit Kills Your Wi-Fi Privacy - Update Every Device - PCFIXIT Business IT Solutions
 

KRACK Wifi Exploit Kills Your Wi-Fi Privacy – Update Every Device

KRACK - WPA2 Broken

KRACK Wifi Exploit Kills Your Wi-Fi Privacy – Update Every Device

What to do about the KRACK Wifi Exploit

All your Wireless Devices are at risk...KRACK

All your Wireless Devices are at risk…KRACK

So you’ve seen in the media about KRACK Wifi Exploit… What is it?

The KRACK Wifi Exploit, discovered by KU Leuven researcher Mathy Vanhoef, the flaw is being referred to as ‘KRACK’ – short for key reinstallation attack – and involves exploiting a design flaw in the four-way handshake used by the WPA2 wireless protocol, along with numerous other cryptographic protocols.

This is a serious issue that affects all types of Wi-Fi devices are likely to be vulnerable, so keep checking with the vendors of your Wi-Fi routers, access points, printers, and so on. Remember, that list increasingly includes security cameras, TVs, smart speakers and other things that we tend not to think of as part of the IT picture.

We commonly find that Wireless devices aren’t maintained by end-users meaning that latest patches and upgrades aren’t performed, with alot of people avoiding even Apple or Microsoft Updates thinking “Oh I don’t need that it just takes up spaces or slows down my computer…”, unfortunately 2017 has so far shown that ignoring security updates can be detrimental with examples of “Petya and Wannacry” causing havoc worldwide.

What you can do to protect yourself from the KRACK Wifi Exploit vulnerability?

Look to your router

Your router’s firmware absolutely needs updating. If the router has been supplied by your ISP, ask the company when their branded kit will be patched. If they don’t have an answer, keep asking. You can make sure your router is up-to-date by browsing the administration panel. Find the user guide for your ISP-branded router and follow the instructions to connect to the admin pages.

If your ISP is not quickly putting out a firmware update to fix KRACK, we advise it’s time to replace your Modem/Router/WiFi access point from a responsible manufacturer that has already issued a patch.

Apple, Google, Microsoft and other technology companies have been rushing to address issues related to the Krack Wi-Fi security vulnerability—a flaw that puts any person using wireless internet at risk of being hacked.

Lists published by CERT and Bleeping Computer may be useful, but keep checking your vendors’ web sites, and download and install the relevant updates as they become available.

Use Ethernet

If your router doesn’t yet have a fix, and you don’t have a patched WiFi access point that could be used for wireless instead, you could Ethernet into your router and turn off its wireless function until it’s patched (assuming WiFi can be disabled on your router). Turn off WiFi on your device as well so that you’re sure all traffic goes through that sweet Ethernet cable.

Most businesses use a blend of ethernet and wireless devices, in best practice to protect a business we implement a seperate WLAN using a VLAN to isolate the Wireless devices from being able to the internal business network.  We recently attended a new client’s premises after an ex-employee attended their office after-hours and sat outside and accessed confidential data, once we identified this issue we implemented new hardware and isolated the Wireless and restricted access for employee devices by restricting the allowed devices by only allowing listed MAC Addresses to be authorised to access the Wireless Network.

What about my other Wireless Devices?

Good news! Your devices can be updated to prevent the KRACK vulnerability. Updated devices and non-updated devices can co-exist on the same network as the fix is backward compatible.

So you should update all your routers and Wi-Fi devices (laptops, phones, tablets…) with the latest security patches.PCFIXIT always recommends turning on auto-updates for future vulnerabilities as this won’t be the last one. Modern operating systems have become quite good at auto-updates, although some devices (ahem Android) don’t receive a lot of updates and could continue to pose risks – This means your older Mobile Handset, be it iPhone or Android will be a security risk

The key point is that both clients and routers need to be fixed against KRACK so there are lots of potential attack vectors to consider.

 

So at this stage your probably thinking… How do I update my devices… Don’t stress this is where PCFIXIT comes to the rescue, by being able to implement security updates to devices that have applicable updates. Give our team a call on 07 5522 1120 or 1300 930 179, or you can Book Online or send us an Email 

 

 

 

No Comments

Post A Comment

Novel Coronavirus (COVID-19) Update

Given the ongoing situation relating to COVID-19 (Coronavirus) in Australia

 

Our whole team have completed an eLearning course in COVID-19 Infection Control Training from the Department of Health to ensure that we know the most up to date advice on how to minimise spread and the best hygiene practices.

 

The rapidly evolving coronavirus (COVID-19) has imposed an unsettling, fluid situation upon our community and its businesses. While the team here at PCFIXIT Business IT Solutions still aims to maintain a "business as usual" approach, we are making a number of significant changes to our operations to account for a situation that is far from normal

 

Please follow these instructions when attending our office to drop-off or pickup your device

- Please avoid any physical greetings such as shaking hands with any of our technicians.

 

- Please always respect the guidelines provided by the WHO (World Health Organization) and maintain a safe 1.5 to 2 metres distance with any of our technicians.

 

- Please note that we have stopped accepting cash as a prevention method against the new COVID-19. 

 

Please respect our guidelines and requirements to make it possible for us to help you while staying safe and sound. Revisit our website to keep on track with any new updates regarding the current situation.

 

Stay healthy and wash your hands!

 

Regards,

 

Tim McKew

Director– PCFIXIT Business IT Solutions

More Information