Call for Immediate Support

Blog

Are you an existing Platinum customer? Submit a Ticket

WPA2 Protocol Flaw – What You Can Do About the KRACK Vulnerability

Wi-Fi Alliance | What Is It?

WPA2 protocol isn’t all it’s KRACKed up to be since recent news surfaced about a vulnerability making Wi-Fi hacking even easier.  Before trying to understand the KRACK hack though, we must understand what WPA2 means.  But first, one must know a little history of the non-profit organization started in 1999 dubbed the Wi-Fi Alliance.  That’s right – WiFi Alliance!  One can imagine a heroic band of rebel warriors fighting against the darkest part of the evil hacking empire in an effort to bring balance to the internet universe.

In reality, the Wi-Fi Alliance is a network of companies from worldwide industries that collaborate to define Wi-Fi technology standards, performance, and security to certify Wi-Fi products.  With Wi-Fi devices now overshadowing the number of people on planet earth, it comes as no surprise that Wi-Fi’s mission is also advocating for fair worldwide spectrum rules and industry standards. https://www.wi-fi.org/

Wi-Fi Protocol | What Does WPA2 Even Mean?

In an effort to secure wireless technology, Wi-Fi Alliance developers created security protocols called WPA (Wi-Fi Protected Access), and WPA2 (Wi-Fi Protected Access II) in the early 2000s.  To further confuse you, WPA2 is also shorthand for IEEE 802.11i (or IEEE 802.11i-2004) standard.  In short, WPA2 provides a secure method of accessing wireless networks, stronger than the previous WPA protocol designed for home users.  It can be described as a wireless card negotiating an encrypted connection with a wireless access point - a sort of hand shake from a device such as your laptop and a modem or router to generate an encryption key.  It’s at this point when the vulnerability referred to as KRACK can begin intercepting wireless traffic.

Wi-Fi Exploit | KRACK What?

Now that you’re up to speed on Wi-Fi history and protocol, we can take a stab at understanding what the heck KRACK stands for - Key Reinstallation Attack.  Information such as credit card details can be exploited since the WPA2 protocol used by routers to encrypt device connections (laptops, phones, etc.) can be tricked into reusing encryption keys that should only be used once.  It sounds complicated and quite sinister, but the good news is that this exploit vulnerability was recently discovered, allowing businesses and users alike to apply more vigilance in security.

Wi-Fi Security | What Can I Do?

For those using iOS and Android based mobile devices, be on the lookout for security patches for this vulnerability to be released in the very near future (Apple iOS and Android patches are currently in development).  Microsoft has addressed this threat by releasing a security patch on October 10th.   You’ll want to be sure that this patch is in place.  Platinum Systems customers enjoying our PtMT – Managed Technology services can rest assured knowing that their systems are patched and safe.  PtRM – Remote Management customers with server and workstation coverage are patched and secure.

Cisco Wireless Access Points will need a firmware update.  If you’re not sure whether your Cisco devices have been updated, contact our service team at 888-910-4407 or a member of our Solutions team by emailing info@platinumsystems.net.

Proactive research into potential weaknesses and implementation of savvy security measures is all part of the Wi-Fi connected world we live in, with security patches now a way of life.  More information about this security update can be found at https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update.

 *PtRM and Non-Managed IT Customers Note:  For customers who do not have workstations covered under their PtRM – Remote Managed service support, please contact a member of our Solutions Team to discuss the steps needed to adding this critical coverage to your agreement.  

Want to know more?

Are you ready to find out what Platinum can do for you? Free Consultation