Most of you will now be aware of the KRACK Wi-Fi flaw that emerged over the last couple of days.
KRACK stands for Key Reinstallation Attack and allows hackers to eavesdrop on virtually every internet connected device via a flaw in WPA2 (or Wi-Fi Protected Access 2). WPA2 networks are the current industry standard for protecting against eavesdroppers. They’ve been in use since 2004, so they’re everywhere, but it’s only recently that Belgian security researcher Mathy Vanhoef identified a flaw that could give hackers the opportunity to “steal your passwords, intercept financial data, or manipulate commands to send money to themselves” (source: wired.com).
There is also the potential for hackers to inject ransomware or other malware into websites. Offenders need to be within range of a Wi-Fi network in order to capitalise on this flaw, but with WPA2 enabled on tens of millions of devices globally, that offers little consolation.
According to The Age, the Australian Cyber Security Centre is investigating the issue, but in the meantime Australian organisations and individuals should “patch or update your software and applications when new versions become available”.
NetWireless suppliers have been quick to respond to the problem, with Aruba releasing new firmware almost immediately. We are also in the process of designing upgrade patches to fix this problem. If you have any concerns about the security of your devices, or would like more information on the KRACK Wi-Fi flaw and how to combat it, give us a call on 1300 324 844 to discuss how you can protect your data and gain peace of mind.
NetWireless is a multi-disciplinary IT network and management company specialising in Wi-Fi design, deployment, security and managed services. Speak to our technical consultants today (CALL 1300 324 844) to ensure your network infrastructure meets your needs.