We are all used to having some form of connectivity to the internet through our PCs, smartphones, tablets, watches... even our kitchen items. Internet connectivity is an essential requirement similar to gas, electric and water, but what about the risks?
A major flaw was recently uncovered in authentication systems that are primarily used to secure wireless connections within routers. The flaw was named the “Krack”.
The vulnerability itself is simple as the brief description below explains:
Any smartphone, tablet, laptop, etc. that connects to a Wi-Fi router initiates a four-step process. The first part is called a “handshake” which permits the device and router to share information.
Hackers could potentially infiltrate the router and trick a victim into installing a mutated version of the handshake onto their device. This mutated key provides the hacker with the opportunity to reset values and settings which will weaken their security and encryption.
Hackers can then decrypt their communications or hijack the connection within their device. The router effectively becomes a carrier and isn’t affected, but the devices do become infected.
Research showed that the largest operating system that could be affected by Krack would be Linux and Android 6.0 and above, and has the potential to devastate those systems.
With more businesses offering free Wi-Fi to entice customers to visit and stay within their stores, hotel, coffee shops, etc., the hospitality industry could be a point of exploitation for this very simple yet devastating attack. Even corporate Wi-Fi services could be infected if the right software updates haven’t been applied.
We recommend that you get in touch with your Wi-Fi hardware provider and find out the last time a patch was issued to ensure you are protected from this threat.
If you’re investigating a Wi-Fi solution for your business with the right security and support, swcomms has the experience assist you.