New Cyber Vulnerability (KRACK)

October 24, 2017

New Cyber Vulnerability (KRACK) Puts Wi-Fi Networks at Risk to Hackers

Recently, Mathy Vanhoef, a researcher from a Belgium university, discovered a security flaw in Wi-Fi Protected Access II (WPA2)—a protocol that secures almost all modern, protected Wi-Fi networks. Through this newfound vulnerability, hackers can potentially gain access to encrypted information using what is called a key reinstallation attack (KRACK).

Any organization or individual that utilizes Wi-Fi is at risk for an attack, and hackers can use the KRACK method to steal sensitive information like credit card numbers, passwords, chat messages, emails, photos and most data that is stored or transmitted online.

What’s particularly troubling about this cyber threat is that it’s not tied to a specific machine or software and is more so a flaw in how WPA2 was originally designed. Essentially, all a hacker needs to do to access your protected information is to be near your Wi-Fi access point and execute a script that tricks a system into bypassing the security. Not only does this allow cyber criminals to eavesdrop on network traffic, but they can also infect connected machines with malware.

While Vanhoef demoed the vulnerability using an Android operating system, it’s likely that KRACK can be used against a number of others, including Linux, Windows and macOS.

Thankfully, KRACK can be controlled with patches, and Vanhoef warned many companies of the security flaw long before publishing his findings, giving them time to develop a solution. It’s possible your network may already be fixed.

However, there are still a number of precautions businesses and individuals should take, including the following:

To read the original findings on KRACK, click here.

For more information about adding cyber liability insurance, connect with your Chalmers business insurance agent 800-360-3000.

Previous Post Read More Next Post