Protect from the KRACK Attack – and Future WiFi Vulnerabilities

By this point, you’ve probably heard of the WiFi attack known as KRACK.  It has allowed hackers to intercept company’s and individual’s sensitive information via WiFi channels.  Thus far, it looks like Android and Linux devices have been affected by the worst vulnerabilities, while devices running Microsoft and Apple operating systems were spared from the brunt of the attacks.  Regardless, it’s important to grasp a solid understanding of this kind of attack to learn how to keep yourself safe from WiFi attacks – today and in the future.

What is KRACK?

KRACK, short for Key Reinstallation Attacks, is a technique used by hackers to exploit a WiFi network when they’re within range of its signal.  Hackers found a serious weakness in WPA2, which is a protocol that secures all modern protected WiFi networks, allowing them to access information that was previously assumed to be safely encrypted.  Essentially, when two devices interact with each other through WiFi, they both need to be authorized twice in what is known as a “four-way handshake.”  The KRACK weakness works by copying a previously authorized code and inserting itself in the four-way handshake.

How do I prevent WiFi weaknesses from affecting me?

To keep yourself safe from KRACK and future attacks, always update your devices that utilize WiFi with the latest security updates available.  Your IT support provider should have reacted to the KRACK attack by this point, so make sure you have the most recent updates installed.   As stated above, the good news is that hackers can ONLY infiltrate your WiFi network if they are within the vicinity, so your residential WiFi network is less likely to be at risk.  However, take extra precaution when using public WiFi networks, or avoid them altogether until ALL networks have had time to be patched.  Until this happens, consider using Ethernet whenever possible or cellular data on your phone, and remember that your IoT (Internet-of-Things) devices are connected through WiFi.  Another method of staying safe from these attacks is to install something like HTTPS Everywhere, (available on Firefox, Chrome, and Opera) to enforce HTTPS encryption.

What now?

Above all, your best option in preventing an attack is to rely on IT professionals that are up to date with the latest techniques to help keep you safe. This includes demonstrating safe Internet and WiFi habits to you.  At Pegasus, we believe in protecting your network from dangerous activity before it happens.  Our team of IT experts are hand chosen to match your company’s personality, culture, and IT infrastructure.  Contact us today to see how we can keep you safe from the KRACK attack and future WiFi weaknesses.