This month, a Grand Canyon-sized hole in WPA2 WiFi security protocol was discovered—and, it’s a vulnerability that has the potential to spell catastrophic consequences for organizations and their mobile workforces.
So, what does the threat mean to you? And, more importantly, how can you use WiFi safely?
Let’s dig in.
KRACKS is a threat to your data security
Leveraging Key Reinstallation AttaCKs, or KRACKs, to skirt WPA2 network security, hackers can sidle up to anyone logged onto a wireless network and steal their private data—data they thought had been encrypted, like login credentials, emails, and credit card numbers.
As if that weren’t enough, hackers can further exploit those insecure connections to inject malware into websites. (You know, there’s nothing like pouring a little salt into an open wound.)
It was Mathy Vanhoef, a computer security researcher, who first discovered the WiFi vulnerability. He noted, “If your device supports WiFi, it is most likely affected. In general, any data or information that the victim transmits can be decrypted… Additionally, depending on the device being used and the network setup, it is also possible to decrypt data sent towards the victim (e.g. the content of a website).”
That said, it’s Linux and Android devices which are proving to be most susceptible to attack.
KRACKS begs the question: Is WiFi ever safe?
Research is finding that our security measures aren’t as secure as we might have hoped.
For example, while only visiting web pages and apps that leverage HTTPS should provide protection, that protection relies upon those sites and apps being correctly configured.
And, of course, that’s not always the case.
The extent of the problem is addressed in this study, published by researchers at Stanford and University of Texas at Austin. Give it a read and learn just how broken SSL certificate validation really is. (Just don’t blame us when you can’t sleep at night.)
How to use WiFi safely (as safely as you can)
For starters, make sure that you address your KRACKS vulnerability and immediately patch your devices, if a patch is currently available. (As of the time of this writing, modern Linux distros, Windows, and iOS 11 have all released security patches.)
If, however, you have an older Apple device that cannot upgrade to iOS 11, or an Android device that the manufacturer doesn't plan to patch right away, you should never use it to access any sensitive information over WiFi.
Beyond the KRACK threat, we recommend you rigorously adhere to these WiFi security best practices:
- Immediately install all software updates and security patches as they become available
- Don’t use your mobile device to access sensitive information over WiFi, especially banking apps and password managers
- Send all of your data over a secure VPN for another layer of encryption separate from HTTPS and WPA2
- Don’t use public WiFi, ever
- Only visit websites and apps that use HTTPS—avoid anything that doesn’t employ this security protocol like the plague
From the broader organization perspective, we also recommend taking these steps:
- Use SFTP/SSH when pushing files to a server for an added layer of encryption; never use FTP, which sends passwords in plaintext
- Whitelist your organization's secure VPN IP address so that hackers can't log in with stolen credentials unless they also gain access to the VPN
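One way to enforce and monitor the VPN allowlist recommended above, as an added example that is not part of the original post. The egress range `203.0.113.8/29` (a documentation range), the function names, and the login events are all constructed for illustration.

```python
import ipaddress

# Assumption: the organization's VPN egress range (constructed, documentation space).
VPN_EGRESS = [ipaddress.ip_network("203.0.113.8/29")]


def from_vpn(source, allowed=VPN_EGRESS):
    """True only if `source` parses as an IP address inside an allowlisted network."""
    try:
        addr = ipaddress.ip_address(source.strip())
    except ValueError:
        return False  # fail closed on malformed input
    # Dual-stack listeners report IPv4 peers as ::ffff:a.b.c.d; unwrap before matching.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr.version == net.version and addr in net for net in allowed)


def authorize_login(source, password_ok):
    """Network gate applied in addition to the credential check, never instead of it."""
    if not from_vpn(source):
        return "deny:not-vpn"  # valid but stolen credentials still stop here
    return "allow" if password_ok else "deny:bad-credentials"


# Constructed login events: (user, source address, credentials valid?)
EVENTS = [
    ("alice", "203.0.113.10", True),        # inside the VPN range
    ("alice", "198.51.100.77", True),       # right password, wrong network
    ("bob", "::ffff:203.0.113.12", True),   # IPv4-mapped form of a VPN address
    ("bob", "203.0.113.99", False),         # same /24, but outside the /29
    ("carol", "not-an-ip", True),           # malformed source field
]


def stolen_credential_candidates(events):
    """Valid credentials presented from outside the VPN: the events worth alerting on."""
    return [(user, src) for user, src, ok in events if ok and not from_vpn(src)]


if __name__ == "__main__":
    for user, src, ok in EVENTS:
        print(f"{user:6} {src:22} {authorize_login(src, ok)}")
    print("alert on:", stolen_credential_candidates(EVENTS))
```

The `source` value must be the TCP peer address seen by the server, not a client-supplied header such as `X-Forwarded-For`, which the client controls.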
There’s no such thing as safe anymore.
So, take proactive steps, remain vigilant, and do the best you can. That means avoiding insecure connections and employing a layered defense with HTTPS, WPA2, and VPN.