Thursday, October 19, 2017

KRACK Wi Fi weakness found

Lately, I‘ve been looking into how home and business wireless networks can be exposed to attacks. We have as a society been more reliant on wireless devices to complete most of our daily tasks such as banking, making payments, updating personal records all on online when we complete such daily routines online we become vulnerable to possible identity theft.  There precautionary measures we can take to protect our network devices. I have recommended in the past practices like backing up our sensitive files, updating security software and keeping up with password changes. Which are all great practices but when we send or receive information wirelessly the actual delivery of the information is where sensitive information can be open to possible theft. 
The recent Equifax breach brings this to mind the company mishandled this breach from start to finish. This left me with a bad impression of information gathering companies like Equifax. The mishandling of this breach is more reason why we must take responsibility for protecting our sensitive information online ourselves. We now find out about the KRACK attack short for Key Reinstallation Attack. This is a weakness found in the WPA2 protocol as we all know this is what is widely used for most Wi Fi networks. This opens up communications between a home Wi Fi connection to Ransomware or data manipulation such as chat messages, passwords and photos.

My understanding is there a statement by the Wi Fi industry that this issue can be resolved with software updates. There aren’t too many devices out there available to use in order to facilitate this attack but this just speaks to the flawed wireless community or the Internet of Things. If you are concerned about this attack I would use Ethernet connections between your devices on your network until the patches, firmware updates are completed especially to your wireless router.   

I would highly recommend changing your usernames and passwords to all your wireless devices or look into a possible 3rd party monitoring devices for all components on your network.

I hope this is helpful as always please leave a comment

Mark Carbajal 

No comments:

Post a Comment