NEW Cyber Threat: KRACK Attacks


KRACK Attacks Target Wifi:

Using a vulnerability in WPA2, hackers target sensitive consumer data. 

What is a KRACK Attack?

KRACK is an acronym for Key Reinstallation Attack. It involves an attacker reusing a one-time key that’s provided when a client device attempts to join a Wi-Fi network. Doing so could enable the hacker to decrypt information being exchanged between the access point and the client device, which could leave personal details like credit card numbers, messages and passwords exposed. This attack was discovered by KU Leuven’s Mathy Vanhoef.

How does it work?

When a device joins a protected Wi-Fi network, a process known as a four-way handshake takes place. This handshake ensures that the client and access point both have the correct login credentials for the network, and generates a new encryption key for protecting web traffic. That encryption key is installed during step three of the four-way handshake, but the access point will sometimes resend the same key if it believes that message may have been lost or dropped. Vanhoef’s research finds that attackers can force the access point to install the same encryption key, which the attacker can use as an entry point to decrypt personal data.

Who is affected?

Any device that is wifi capable is at risk. However, Android and Linux based devices running version 6.0 or higher are especially at risk. Currently that is about 40% of all Android devices.

What should you do?

Companies will begin issuing software updates to protect against the KRACK attacks. Update your devices as soon as possible. It is also strongly recommended that you update your router’s firmware. If you are not familiar with how to do this, please contact Datasmith for assistance. Providers have already started developing patches to fix this.

What can you do to protect yourself?

  1. If you have to update your devices and router, be cautious with what information you transmit over wifi. If you are logging in to banks or personal data sites, wait until you have a hard wired internet connection.
  2. Back-up, back-up, back-up! Back-up your data. You can never be too careful backing up your information. Services like Axcient will do it automatically for you.
  3. Use your anti-virus and firewall software. If you are unsure of how up-to-date your software is, contact us and we’ll see where it stands.
  4. Hosted exchange is the strongest email security measure you can take due to its advanced filtering capability.  Most of your pop and imap accounts don’t have this functionality. Datasmith strongly encourages ALL businesses to utilize this option as email viruses become stronger.

Datasmith has been talking about the importance of security for months now. These threats will only continue to grow in frequency and severity. We are strongly urging our clients and all businesses to check their cyber security immediately. Please call us today to ensure your business is secure.