Many organizations rely on a wireless password to protect their Wi-Fi networks. Behind the scenes, that password is used as part of a security protocol called WPA2. An attack, dubbed KRACK, has been announced that breaks that security.
The attack can permit attackers to potentially eavesdrop on your network traffic and your communications, change information, delete information, and insert information, all to cause problems and cost you money.
The good news is that the attacker needs to be within range of your Wi-Fi network. They could be some distance away if they use a strong antenna or if they plant a remotely controlled device nearby.
Do two things to mitigate this danger:
First: Apply the new patches that address this issue. That can prevent the attack.
Second: Isolate your wireless network from the rest of your network. That can help reduce the damage.
Related to the first step: Apply the most recent critical security patches, often called firmware updates, to your wireless devices. The company brands of your devices should release patches. Additionally, apply patches to your operating systems and applications that use Wi-Fi networking.
Microsoft released a patch a few days ago, on October 10, as part of the expected second Tuesday of every month patches, that solves this problem on their side of the products. At home, your automatic update should have patched your Windows workstations. But you will still need to patch your wireless access point. At the office, your IT team will need to patch the computers and devices. Please give them time to do so – it can take some time. Information about the attack in general, and some of the patches, can be found at: kb.cert.org/vuls/id/228519 If the manufacturer of your devices does not produce updates, your next step might be to replace the devices with new ones.
For the second step: It is an IT Security best practice to isolate all wireless devices on your network to be away from the wired devices. For years, organizations would add wireless capabilities to their network by connecting wireless access points to the same network as your workstations and servers. That is a very dangerous practice since it can permit wireless devices, perhaps belonging to an attacker in the van outside your building, to access the wired resources on your network. In the case of this specific attack, it makes it easier for the attacker to access the data on the most protected parts of your organization’s network. Isolate all wireless devices on their own, what your IT professionals call a, filtered subnet.
As is often the case with IT Security, this will be a risk vs. expense decision. It is important that the executives of a company make the final decision about whether or not to ask IT to implement the mitigation steps. Your IT Team will appreciate your deciding, and the choice is yours since, if there is a successful cyber-attack, the executives, especially the president, CEO, and owner will suffer the most.
Please forward this to everyone you know who uses wireless networks.