Xenace Logo
Call Us: 0333 444 44 02
Email: info@xenace.com
  • Home
  • Blog
  • KRACK WiFi attack - What to learn

KRACK WiFi attack - What to learn

The KRACK cyber-attack reared its head one month ago, and since then every big name in tech has been working around the clock to release patches and software to fight against it. In case you haven’t heard of it, or are confused about what it is and how to protect yourself against it, here is a breakdown:

What is it?

  • KRACK stands for Key Reinstallation Attack and is a cyber-attack which accesses data through a WiFi connection.
  • It works by bypassing WPA2 (a protocol that encrypts sensitive data), by sabotaging the 4-way ‘handshake’ which takes place when your device joins a WPA2 protected network. The third step of this handshake is when an encryption key is sent, this step can be targeted to access information because the hackers can make your device send this key several times without your knowledge, which overrides the encryption.

Who is vulnerable?

  • Any device that uses WiFi is vulnerable; hackers can access any credit card numbers, passwords, chat messages, e-mails, or photos that are sent using WiFi. 
  • It has also been found by researchers that Linux and Android users are the most vulnerable to attack since both have an existing vulnerability in the code that compounds the issue. However, patches are readily becoming available for both.
  • Outdated technology without the latest patches or updates is very vulnerable as it will not have the protection that companies are now adding to secure you against this attack.

How can you protect yourself?

  • The most effective/important step is to update all your devices when an update is possible. This is good for general practice anyway as every update contains all sorts of important protection against cyber-attack. CNET has been keeping on top of the latest updates to protect against this attack so click here to see what is available to you, and to check that you are running the latest update.
  • Until you have updated your devices and secured yourself against these attacks, it is a good idea to turn off your WiFi and connect via an Ethernet cable when possible.
  • Moreover, you should stay away from public network connections and, if you really must use one, only connect to secure ones. You will be able to tell these apart as secure connections require a password.
  • However, even with password protected connections, it is best to stick to websites that use HTTPS encryption as these remain secure even when the WiFi security is at risk. The URLs of encrypted and protected website addresses will start with “HTTPS,” and unsecured websites with “HTTP.”
  • Using a VPN is good security practice regardless of cyber threat. It is an essential step for businesses to make sure their browsing activity is secure, as well as being a way to access their business network and data from anywhere. 

Although you can protect yourself from this particular attack now because the patches and updates have been released, a breach like this is a painful reminder of the importance of keeping on top of your updates for all devices, even those that do not use WiFi. Do you regularly check for updates on all of your devices? It can seem like a pain and an inconvenience, so let us take away the concern for you. Talk to us about any concerns you have about cyber-attack and let us show you how we could be of help. Our fully managed IT support package includes a layer of web security, meaning that we take care of all this sort of thing for you so you don't have to worry about falling vulnerable.

Latest Tweets
Contact Details
  • London (Head Office)
    71-75 Shelton Street
    Covent Garden
    London, WC2H 9JQ
  • Phone: 0203 890 5533
  • Essex Office
    Innovation Centre
    Boundary Road, Colchester
    Essex, CO4 3ZQ
  • Phone: 01206 911 363
  • Kent Office
    Media House, 99-101 High Street
    Kent, BR6 0LG
  • Phone: 01689 493 366
  • Email: info@xenace.com
  • Monday - Friday: 8:30 am - 6:00 pm
    Saturday - Sunday: Closed
Get in Touch
© 2021 Xenace Ltd. Terms & Conditions | Privacy Policy