Is your business or organization still susceptible to the KRACK Vulnerability?
A major hole in Wi-Fi security makes it possible for attackers to eavesdrop on your data when you connect to your wireless networks. The vulnerability was given the name “KRACK”. Go figure: A “crack” in your wireless networks. The problem is how KRACK attacks the built-in security setup on your Wi-Fi network. Think of it like this: When you buy a car it comes with standard options or upgrades. Depending on your specific (WI-FI) wireless network, you can implement certain add-on security options. For this KRACK vulnerability, a (security hole) affects the Wi-Fi security protocol itself, not specific products. That means that if your device uses Wi-Fi, KRACK likely impacts it.
Here are 5 ways to protect your organization or business against KRACK Wi-Fi Vulnerability
- Update all the wireless settings on your network
- Update all devices on your network that can be updated
- Update all your routers and Wi-Fi devices (laptops, tablets) with the latest security patches.
- Consider turning on auto updates for future vulnerabilities that might need a fix as this won’t be the last.
- For the systems that don’t receive a lot of updates consider having a test environment for these systems/devices to prevent risks.
An important point: The clients (any systems that connect to your wireless network) and routers need to be fixed to ensure your systems are safe!
- Update your router
- Update your router software.
- If the router is provided by your ISP, ask the company when the router will be patched (fixed).
- Consider purchasing a wireless router/access point from a company that has already patched their devices.
- Use Ethernet
- If your router doesn’t yet have a fix, and you don’t have a patched Wi-Fi access point that could be used for wireless, you could plug your Ethernet cable into your router and turn off its wireless function until it’s patched.
- Turn off Wi-Fi on your device as well, so that you ensure all traffic goes through your Ethernet cable.
- If you still want to keep Wi-Fi for some devices, consider switching to Ethernet for your essential devices.
- What about Internet-of-Things devices?
If you own lots of devices, consider which of those devices pose the most serious risk if unencrypted traffic is intercepted. For example, you own a connected security camera that doesn’t encrypt traffic when you’re on the same Wi-Fi network, that could allow attackers to snoop on raw video footage inside your home or office
- Take action accordingly (e.g. by pulling the riskiest devices off your network until their makers’ issue patches).
- Be sure to keep an eye on the kinds of devices your employees might be connecting to your network.
- At the same time, if an attacker can intercept traffic between your smart light bulbs and your router, it’s probably fine. You should determine your level of risk and act accordingly.
That said, the Internet of Things does have a horrible reputation when it comes to security. Take this time to audit your connected device collection and consider removing any Wi-Fi devices from your network whose makers don’t quickly issue a patch as they could pose some form of long-term risk to your network.
- Install HTTPS everywhere
You can imagine the risk with browsing the internet in the clear is a big one! Consider having a standard to set encryption setting in all browsers so if someone in your organization goes to an unencrypted website it will automatically tell the browser to use encryption (HTTPS).
In closing, if you need assistance or would like to know if you are vulnerable to this critical vulnerability, we can provide a vulnerability assessment or penetration test to give your organization the keys to “KRACK” this vulnerability.
