Or how the demise of Wi-Fi security will affect our lives, businesses and data!
Late last month, while we were going about our normal routines, the world as we knew it was completely destroyed and recreated as an exact replica. Well, almost exact. One teensy weensy bit is just a little different. “What?” you ask? All the Wi-Fi security in the world is broken. A group of researchers discovered that it is relatively simple to completely bypass WPA wireless security and encryption (see https://www.krackattacks.com/). They have named this exploit “KRACK”, which stands for Key Reinstallation Attacks. So what does this mean to me and you? Most people have Wi-Fi as an extension of their Local Area Networks (LANs) as shown in the following diagram.
With KRACK, a hacker can get in between your computer and your Wi-Fi access point, which puts them in the middle of your computer’s conversations on your network. They can pretty much do anything they want with your traffic, including inserting malware and skimming data. They can even trick your computer into giving them the passwords to your servers and websites you access, like your bank, even if you are using HTTPS. This is really scary stuff! This is not an exaggeration. If you use Wi-Fi to connect to your networks, you are at risk for complete compromise. Yup, just that simple.
So what is a person to do? You need to get this addressed as soon as possible by getting your computers, phones, tablets, and your routers updated! Or, as Yoda would say, “Patch you must!” I cannot emphasize this enough – if you use a computer you must keep your patches updated every day! If you use Mac, Linux or Android, you are particularly susceptible. If you are on Windows or iOS, you are much less so. Because this literally affects billions of devices, the likelihood of all of them being patched is very low. Thus all of the devices connected to these networks are very vulnerable. So from now on, you will need to be extra vigilant regarding who you let connect to your Wi-Fi, otherwise you will be easily compromised. The only good news, if you can call it that, is that in order to use the KRACK exploit, the hacker needs to be physically within range of your wireless network, which is not all that hard to do. Just go sit in the parking lot with a laptop.
What do you need to do to REALLY fix this? You need to make it a priority to get your computers and wireless access points patched as soon as possible. SaviorLabs can help! Our TeamCare clients were already patched for this, because we maintain their systems 24 hours a day. They were not and are not susceptible to this kind of attack in the first place. “But how?” you ask. At SaviorLabs we have always done things a little bit differently. We put the Wi-Fi outside the corporate network and then create a Virtual Private Network, also known as a VPN, to provide an encrypted tunnel to access the corporate network.
This encrypted tunnel is very secure and makes it nearly impossible to hack. (NOTE: because I am a geek I need to say this: impossible is really too strong a word. If someone is very, very, very motivated and wants to take a lot of time and energy, they could likely decrypt an encrypted VPN. However, it is a tremendous amount of effort and is usually not worth it. Also, while fixing this is critical, it does not make your computer invulnerable. You still need to have up-to-date security software as well.) With a VPN, you can securely connect from your Wi-Fi, or from any other Wi-Fi such as a McDonald’s, a Starbucks, libraries, home, hotels – wherever you use the Internet. For SaviorLabs’ clients that want wireless connectivity, we always design their networks to require a VPN to access the corporate network. This makes it all much, much more secure, so you can focus on your core business.
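The design described above (Wi-Fi kept outside the corporate network, with the VPN as the only way in) can be checked against a firewall's allow-rules. The following Python check is an added example, not SaviorLabs' own tooling; the subnets, the IPsec ports, the rule format and the rule names are all constructed assumptions.

```python
from ipaddress import ip_network

# Constructed sample addressing (assumptions, not taken from the article).
WIFI_NET = ip_network("192.168.50.0/24")     # untrusted wireless segment
CORP_NET = ip_network("10.10.0.0/16")        # corporate LAN
VPN_GATEWAY = ip_network("10.10.0.1/32")     # the only LAN address Wi-Fi may reach
VPN_SERVICES = {("udp", 500), ("udp", 4500)}  # assumed IPsec: IKE and NAT-T

def violations(rules):
    """Return names of allow-rules that let Wi-Fi reach the LAN outside the VPN.

    Conservative audit: rule order and deny rules are not modelled, so any
    allow-rule whose destination overlaps the LAN is examined.
    """
    bad = []
    for rule in rules:
        src, dst = ip_network(rule["src"]), ip_network(rule["dst"])
        if not (src.overlaps(WIFI_NET) and dst.overlaps(CORP_NET)):
            continue  # rule does not touch the Wi-Fi -> LAN path
        is_vpn = dst == VPN_GATEWAY and (rule["proto"], rule["port"]) in VPN_SERVICES
        if not is_vpn:
            bad.append(rule["name"])
    return bad

# Constructed rule set: Wi-Fi treated as an extension of the LAN.
RULES_FLAT = [
    {"name": "wifi-any", "src": "192.168.50.0/24", "dst": "0.0.0.0/0",
     "proto": "any", "port": None},
    {"name": "wifi-fileserver", "src": "192.168.50.0/24", "dst": "10.10.20.5/32",
     "proto": "tcp", "port": 445},
    {"name": "wifi-vpn-ike", "src": "192.168.50.0/24", "dst": "10.10.0.1/32",
     "proto": "udp", "port": 500},
]

# Constructed rule set: Wi-Fi outside the LAN, VPN clients get their own pool.
RULES_VPN_ONLY = [
    {"name": "wifi-vpn-ike", "src": "192.168.50.0/24", "dst": "10.10.0.1/32",
     "proto": "udp", "port": 500},
    {"name": "wifi-vpn-natt", "src": "192.168.50.0/24", "dst": "10.10.0.1/32",
     "proto": "udp", "port": 4500},
    {"name": "wifi-web", "src": "192.168.50.0/24", "dst": "203.0.113.0/24",
     "proto": "tcp", "port": 443},
    {"name": "vpn-pool-to-lan", "src": "10.99.0.0/24", "dst": "10.10.0.0/16",
     "proto": "any", "port": None},
]

if __name__ == "__main__":
    print("flat network:", violations(RULES_FLAT))
    print("VPN-only design:", violations(RULES_VPN_ONLY))
```

With rules like these, a client on the wireless segment, patched or not, has no direct path to internal servers; everything it sends to the LAN has to go through the tunnel.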
This is a critical issue. You need to get this fixed as soon as possible by patching ALL of your systems, and seriously consider taking Wi-Fi off your internal network and using a VPN. Give SaviorLabs a call. We can help.