Don't Get Kracked

Posted by pcpaladins On November 3, 2017

Another day Another Hack!
This new hack comes from a source we have felt comfortable with for quite some time. Our WIFI security.
Yes, we all know not to use open WIFI networks, but now with a vulnerability that has been discovered and is now being exploited, we must be VERY concerned about our "secure" wireless networks.
WPA2 (WIFI Protected Access V2) is the mode that the majority of all WIFI networks use to secure their connections.

From the United States Computer Emergency Readiness Team:

“US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the WIFI Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.”

What does this mean in English?
Danger! Danger! Danger!
Well, it is bad news. Your home WIFI, your work WIFI, your smart Tv, your phone, your laptop and the "Internet of Things" devices use WPA2 to secure their communications. Your Android, Windows, Apple, Linux device is affected if you connect to a WIFI network secured with WPA2.

Here are some ways to help keep you from getting Krack(ed)

1. Changing the password on your WIFI will NOT help! Krack does not steal your password, it injects infected information into your transmission.

2. Update! UPDate! UPDATE! Microsoft announced within hours that they would be pushing our a fix via a security update. Did you remember to install those annoying updates on your computer? Some manufacturers may take a lot longer to release fixes, but even when released, if not applied, then it is ineffective. Most users don't pay attention to their firmware version, much less verify that it is up to date.

3. Get a Firewall! If you are using a router to direct internet traffic at the edge of your network, you have NO Protection from the dangerous hacks attempting to sneak in.

4. You MUST have an Antivirus. Even the worse Antivirus is better than none. Traditional security solutions are simply struggling to keep up with the incredible pace at which new threats are being introduced. Invest in a managed program that will GUARANTEE protection!

5. Avoid WIFI networks (if possible). Ok we all know that isn't going to happen. Try to plug in devices to a wired connection when possible! Using your mobile data plan when possible is a solution. Of course, that might play havoc with your data plan. Now might be a good time to evaluate your providers unlimited data plan.

6. VPN. If you have a VPN you can trust, turn it on!

7. Do not downgrade to WEP. Downgrading is not the answer to this problem; it will only increase your risks.

8. HTTPS Everywhere. HTTPS Everywhere is a free browser extension for Google, Chrome, Firefox and Opera. Browse smart! HTTP (standard web page security) is no match for hackers. This is vital to your security.

9. Call me for a Security Assessment. You have enough to worry about, let PC Paladins be your data security team!

Worry Free Tech That Will Protect!
Dawn Mooney, MCP
731.402.0682

Uncategorized

Don't Get Kracked

Related Posts

The 7 Most Critical IT Security Protections Every Business Must Have In Place Now To Protect Themselves From Cybercrime, Data Breaches And Hacker Attacks

Contact

Latest Articles

The Importance of Font Security

Brand New Zoom AI Tools

Newsletter

Social Media