Wi-Fi Vulnerability Alert: KRACK
By David Rossell on Oct 18, 2017

Wi-Fi Vulnerability Alert: KRACK

You’ve probably seen recent news reports about the "KRACK" vulnerability in wireless networks used in homes and businesses worldwide...

The KRACK vulnerability essentially allows an attacker to decrypt (unscramble) the wireless signals between your computer, iPad, TV, etc. and your wireless access point and/or wireless router.

To borrow a metaphor from one writer, it’s like two people are talking inside of a closed room. The attacker has now opened a door and can hear what you’re saying. As bad as this vulnerability could be, there are several factors that reduce the ability of anyone exploiting it to gain access to your data.

  1. First, there is no need to panic. An attacker needs to have an antenna within physical range of an affected wireless system. This would prevent someone in Montana from attacking a business in Washington, D.C. without local assistance - thus the probability of intrusion is much lower.
  2. If your data is already encrypted (as any, say, financial transaction, traveling over the Internet would be), the attacker still cannot read the data.  To continue the metaphor, it’s as if the conversation in the room were being communicated in a language the attacker cannot understand and can never learn. A large amount of Internet traffic and all confidential Internet traffic is encrypted and therefore safe from KRACK.
  3. Finally, manufacturers were notified of the bug weeks ago and have been rushing patches into testing and distribution. If your wireless system does not have a patch available already, it should soon.

If you are currently an Ntiva client with an existing support agreement, be assured that we are working with the manufacturers of your wireless systems to patch the security hole as quickly as possible.

We’re pleased to report that a number of systems already are secured. 

Your Client Relationship Manager and Technical Operations Manager will coordinate with your technicians to implement patches as they become available. 

As always, please don’t hesitate to contact us with any questions or concerns!

David Rossell

p.s. Remember to subscribe to our blog to ensure you continue to receive this type of update!