Major Wi-Fi Vulnerabilities as ‘KRACKen’ is Revealed
Quick Summary – What you need to know
KRACK is a significant vulnerability in Wi-Fi security, allowing an unauthorised third party to gain access to your wireless network. While the revelations are concerning, you do not need to change your passwords, as there are additional layers of security protecting your account credentials.
The good news is that it’s a software problem, and vendors are developing patches. If you have itro’s RMM agent, itro will update your macOS and Windows computers as soon as we’ve completed internal testing. If you have itro WatchGuard access points, we will also push firmware updates to those devices. Please also ensure that you install any pending updates for your mobile devices running iOS or Android.
If you’d like further information on KRACK, continue reading:
How does KRACK work?
Last night, security researchers unveiled a bug in WPA2 – The security protocol used to encrypt traffic on Wi-Fi networks. The attack exploits the handshake (the initial connection) between a client (your computer or phone) and an access point (your router or Wireless Attack WAP) and allows an aggressor to gain access to your local network. The attack affects any Wi-Fi device using WPA2 to connect to a wireless network.
Over the coming days, you’ll likely hear overreactions and fear mongering by the mainstream media. Yes, it’s bad, but not as bad as they will make out at first glace. Good security involves multiple layers, and WPA2 is just one of many layers. Used by itself, an attacker can’t do much; the danger comes from an attacker using the exploit together with another attack.
Questions to ask
1. Are you stressing about the need to change your bank password?
There’s no need to change your bank password because your web browser uses HTTPS to protect your session from other users on the Internet. An attacker must also be within range of your wireless access point, and possess a high-level understanding of network security. Finally, it’s a software – not a hardware – problem. Vendors will issue security patches for the vulnerability over the next few weeks.
2. Have you employed itro’s RMM agent?
If you’re using itro’s RMM agent, supported by macOS (High Sierra) and Windows (Windows 7 and above), endpoints will be patched as soon as Microsoft and Apple releases these fixes.
We’ll also start updating WatchGuard devices as soon as WatchGuard releases an update. It’s important to ensure that you update your mobile devices as well. iOS users can expect an update from Apple within the week for iPhone 5S and above, and iPad Air and above.
If you are unsure or not currently using itro’s RMM agent, feel free to contact itro to discuss strengthening your network security.
3. Are you using an Android phone?
It’s trickier if you’re on Android.
Google released a security patch for Android 6.0 (Marshmallow) and above. However, this does not necessarily mean that you’ll receive an update for your 6.0, 7.0 (Nougat), or 8.0 (Oreo) phone. An Android update goes through a four-step chain
- Google releases a patch for Android
- The chip manufacturer (e.g. Huawei and Qualcomm) builds a release specific for their CPU
- The phone manufacturer (e.g. Samsung, HTC, or LG) builds a release for your phone
- Your carrier (e.g. Telstra, Optus, or Vodafone) decides whether they will push the update to your phone and if they want to make additional changes
If you’re using a flagship Android device (such as the Samsung Galaxy S8 or Google Pixel), you’ll likely see an update within the next month. If you’re using a budget device – or a phone older than a year or two – you may never receive a patch.