WPA2 and Wireless Network Security Updates
The best plan for organizations is to build a strong defense to be protected from future attacks.
Articles published November 3, 2017 by Ben Killion
Recently, it was announced that Wi-Fi Protected Access II (WPA2) had been exploited and was extremely vulnerable.
WPA2 is the most commonly used Wi-Fi encryption standard. This vulnerability lets a hacker see and intercept data that’s passing from a device to the wireless connection. They do this by using key reinstallation attacks (KRACKs), which allows them to see the data that is usually safely encrypted.
This means sensitive data like credit card numbers, emails, and passwords are at risk. This attack works on all Wi-Fi networks and impacts devices that support Wi-Fi. In fact, security expert Mathy Vanhoef revealed that “Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others are all affected by some variant of the attacks.”
Vanhoef goes on to say that Linux and Android devices are especially vulnerable, and “50 percent of Android devices are vulnerable to this exceptionally devastating variant.” However, all modern protected Wi-Fi networks and devices can be compromised to steal sensitive information.
This kind of attack does not help attackers recover the targeted Wi-Fi’s password. Instead, it allows them to decrypt Wi-Fi users' data without cracking or knowing the actual password. Merely changing your Wi-Fi network password does not prevent or mitigate a KRACK.
What can you do in the meantime to avoid this from affecting your devices?
Be Wary of Public and Private Wi-Fi
First, steer clear of public Wi-Fi. Here’s some advice from Fortinet: “An attacker needs to be in reasonably close proximity in order to capture the traffic between an endpoint device and the vulnerable wireless access point. So, until things are fixed, you should be especially careful using public Wi-Fi.” It’s important to note that private Wi-Fi is vulnerable as well. For example, a hacker could gain access to a private corporate network through close proximity (such as the parking lot of the building).
Patch When Available
In this instance, installing the appropriate patch (software update) will solve this issue. Fortunately, many Wi-Fi and client-device vendors have already (or are about to) issue patches that will fix this security flaw. It’s recommended to patch and update your Wi-Fi and access points as soon as the patch becomes available. In addition to applying the patch, you can also install and leverage a Virtual Private Network (VPN) connection for mobile devices and workstations. While all security vulnerabilities should be taken seriously, it’s worth reminding you that this issue requires physical proximity to the wireless network.
Cybersecurity: Defense in Depth
When attacks like these are made known, it’s a good time to reassess your organization’s current security posture, and explore additional security options.
Technology services such as anti-virus, firewall protection, network monitoring, wireless security, and backups are layers of defense that minimize risk and enhance protection. Having a network that is protected behind an enterprise firewall and an elaborate network architecture is becoming a necessity, and can be the difference between being hacked and being secure.
Creating a culture around data security can also help prevent a lot of breaches. One way to start is to make security awareness training mandatory for all employees. This training should not only show employees the different kinds of cyber and social engineering attacks, but also show them how to recognize and avoid the attacks.
You should also have a data security policy in place. A data security policy should be used to define approved methods to securely transfer or share data and define restricted methods to help stop the use of unsupported or unsafe services and applications. They should include information about email policies, mobile devices, social networking, and internet usage. These policies should be documented, communicated (multiple times), enforced, and periodically reviewed and updated.
Many organizations leverage third-party experts for managed security services because it provides more time for internal resources to focus on core business functions and initiatives. With a managed services provider proactively monitoring your network and patching your applications, your organization can realize efficiency and productivity gains.
With almost all Wi-Fi connections vulnerable to hackers, this is a significant problem, and increases the need for organizations to have the right strategies, policies, and processes in place to enhance cybersecurity efforts. Even though patches for this issue have started to roll out, the best plan for organizations is to build a strong defense to be protected from future attacks.
What steps are you taking to prevent cyberattacks?
Read our white paper: Enhancing Information Security In An Unsecure World