How to deal with KRACK!
Belgian researchers find serious leak in WPA2 security
Researchers Mathy Vanhoef and Frank Piessens discovered a weakness in the WPA2 protocol. An attacker within range of a victim can exploit this weakness using key reinstallation attacks (KRACKs). Effectively, attackers can use this attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.
The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.
The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available.
Full details on the Crack attack can be found here.
Our vendors have an answer concerning the Crack weaknesses and can be found below:
Should you be concerned about your Wi-Fi security, don’t hesitate to contact us for more information and advice.