KRACK WiFi Security Vulnerability

Several days ago a new vulnerability was discovered in Wireless (WiFi) technology.  This vulnerability affects the most commonly used security protocol: WPA2.  Through this vulnerability, an attacker could use the wireless communication between a device (your laptop) and a Wireless Access Point to gain access to the information being transmitted.  In certain situations, it is also possible for the attacker to transmit malicious information to a device.

This attack is aimed at the device, not the wireless network.  In most implementations of this attack the attacker is only able to gain access to the information being transmitted between the device and the Wireless Access Point.  However, there are certain implementations of this attack that can allow the attacker to transmit information to the device and also through the Wireless Network.

The threat to you is that, after successful execution of this attack, the attacker will be able to “read” all of the information, unencrypted, being sent to and from your device, be it a laptop, smartphone or tablet.  This is of particular concern with Public HotSpots.  The attacker does not need to know any information about the wireless network beforehand.  This means that it is theoretically possible for an attacker to breach the communication between your device and your smartphone, if you were using your smartphone as a HotSpot.

You can read more about the KRACK wireless vulnerability here: https://www.krackattacks.com

Since the release of this vulnerability, most vendors have released firmware updates to address this vulnerability.  However, action is required on the consumer’s part to ensure the firmware updates are installed.  If you are a Runwell SkyFi client, you have nothing to worry about.  Runwell proactively monitors and updates SkyFi equipment when these types of vulnerabilities are discovered.  If you are not a SkyFi client, please call us so we can help you patch your wireless equipment.

Leave a comment