Security - Serious WiFi Exploit KRACK Discovered

/
security_privacy_hacker_crime_thief_steal_data_information_digital_criminal_breach_binary_code_danger_safety_password-100411670-large.jpg

KRACK WiFi Exploit

ATS Recommend updating all WiFi infrastructure and WiFi enabled devices.

KRACK (Key Reinstallation AttACK) affects WiFI systems protected with WPA/WPA2 encryption, the mostly widely used WiFi encryption method. If you are using WiFi, chances are, you are using WPA.

The KRACK exploit allows attackers to capture traffic sent and received from your devices to discover your passwords, this exploit is effective with many https websites.

Some devices are more vulnerable than others, particularly android and linux devices.

KRACK in action:

Based on the CCS 2017 paper "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2". Note that other devices are harder to attack. Only Android and Linux (re)install an all-zero encryption key. For additional information visit https://www.krackattacks.com

What can you do to prevent these attacks:

All devices, including PC's, Mac's, smart phones, and WiFi infrastructure should be updated to correct this bug where available.

Smart phones that do not have a patch or firmware update to address this issue should switch off WiFi and use cellular data for communication.

Contact ATS to discuss the best course of action