On October 15, 2017, a group of Belgian security researchers released a discovery that there are serious vulnerabilities in the encryption protocol (WPA2) used by Wi-Fi connections. This threat affects all Wi-Fi networks and can allow hackers to intercept passwords, connect to your network, steal sensitive information such as credit card numbers, emails, and even introduce ransomware or malware into the websites you visit.
The exploit is being called KRACK (Key Reinstallation Attack), based on a technique that can be used to force devices to reinstall, or reset, the encryption keys to a default value, so they can be accessed.
Security experts and the Department of Homeland Security advise that you update all your devices with the latest security patches and firmware. For devices such as routers and wireless access points, this means installing a piece of software that updates the device.
However, you’ll also need to update your computers and devices that connect to Wi-Fi networks such as tablets and cell phones. Apples iOS devices, and those running Android Operating systems were particularly vulnerable.
At this time Apple, Microsoft and Google have all announced that they have released, or are developing patches to address the issue on their devices, such as computers, tablets, and smartphones.
For our Comprehensive Care clients, we’ve already begun updating your routers and access points, and our patch management process will be pushing out security patches to computers. However, we also recommend that you update your smartphones and tablets as well. We will also be reaching out to our other clients to begin the patching process and keep your networks secure.
So, what do you, as a small business person need to do to protect yourself, your company, and client’s data?
First, I recommend that you seek out a competent it professional to review the equipment you have in place. Updating the firmware on devices like wi-fi antennas and routers can be more complex a task than you may want to take on yourself.
Second, you’ll want to make sure that all these devices get updates from the manufacturers. Many manufacturers have already begun releasing software updates for their products to protect you from this flaw.
However, some manufactures may not release patches. This will most often be the case with older equipment that is no longer being supported. In this instance, unfortunately, the best response is to replace the equipment with newer versions that have the proper security patches available.
Third, you also need to install all security patches on devices that connect to wireless networks, including desktop computers, laptops, tablets, and smartphones.
In short, while this security issue is widespread and significant, it can easily be addressed by keeping your network well maintained and up-to-date with the latest firmware versions and software patches.
If you’re a small business in the southern Wisconsin or northern Illinois area, and would like to know how the computer center can help you with issues such as this one, please give us a call.