A serious weakness in the security protocol used by all modern Wi-Fi networks has been uncovered. Known as a key reinstallation attack or KRACK, attackers can bypass WPA2 network security to read information passed between a router and Wi-Fi enabled devices, previously thought to be safely encrypted.

Discovered by Mathy Wanhoet, a notable computer security researcher, he warned that almost all operating systems including Android, Linux, Apple, Windows and others are affected by variants of the attack. WPA2 is the standard security protocol developed to protect and encrypt Wi-Fi networks. But last month, Mathy discovered that a vulnerability within the WPA2 protocol can be exploited across all modern Wi-Fi networks. Worryingly, the weakness is inherent to almost any device using a Wi-Fi network. Since WPA2 has been the standard on all certified Wi-Fi hardware since 2006 it is inevitably woven into our everyday life. Technology we rely on such as phones, computers and tablets are vulnerable whenever they’re connected.

How can this affect my business?

As all Wi-Fi networks are vulnerable to this exploit there could be huge implications. We share and store all manner of information on Wi-Fi enabled devices nowadays. From sensitive information such as banking details, passwords and emails to personal items such as photos or chat histories. If you consider all the Wi-Fi enabled devices you and your staff use daily, you can start to get an idea of the potential consequences of a KRACK attack. However, due to the nature of the vulnerability, an attacker must be within Wi-Fi range to attack the network but this does increase the risk for businesses within urban or built up areas. Depending on the network configuration, attackers can also inject or manipulate data through the Wi-Fi network. This is particularly concerning as viruses such as ransomware or other malware could be used to infect your systems.

Ransomware – a brief explanation

Ransomware is malicious software which threatens to publish the victim’s data or permanently block access to it unless a ransom is paid. Ransomware has reached infamy since the WannaCry attack on the NHS earlier this year and the following NotPetya attack amongst others.

What action should you take?

Microsoft were quick to respond to the threat and issued a patch. This has already been deployed to all of our managed IT support clients. Linux has since followed suit and patches for Apple and Android are now available. This has once again highlighted the need to ensure your devices are updated regularly to safeguard your systems. If you are using older, legacy operating systems such as Windows XP it is important that you look to upgrade or replace these as these systems do not receive the standard patches and updates that are vital to secure your systems. Sam Reed, Chief Technology Officer and head of our specialist cyber security services division, Air-Sec says:

Ensuring you apply updates on all computers and mobile devices regularly is key to maintaining IT security. Unless all of your systems are patched against KRACK, you should also notify your staff of the dangers and be wary when connecting to public Wi-Fi networks.

Sam Reed

How Air-IT can help

At Air-IT, we offer complete expertise across IT and Communication services, including business-grade broadband and connectivity solutions. Additionally, our cyber security division, Air-Sec has dedicated expertise in the latest threats to help you keep your business vigilant against the ever-evolving threat landscape, and can help with your Cyber Essentials accreditation. So, if you need advice about your ICT or perhaps need help to prevent attack, please contact us today on 0115 880 0044.