On Monday, articles popped up everywhere telling you to beware of the KRACK Hack. This hack brought to everyone’s attention a vulnerability that impacts WiFi, specifically the WPA2 encryption protocol used to encrypt your WiFi traffic. While the vulnerability is serious, the press coverage is overly-alarming. You are more likely to fall prey to a hacker by clicking on a false link in an email, or navigating to shady websites, than to be hacked by the KRACK hack.
What is the KRACK Hack?
The KRACK Hack allowed attackers, who are in range of your WiFi, to intercept some of the traffic between your devices and network, by using a “key reinstallation attack” (where the name KRACK comes from) to bypass the WPA2 network security and potentially see everything you are doing online.
However, if the traffic is encrypted properly using HTTPS (e.g. Gmail, all Hybridge email, Box, any website with a green padlock), the attacker cannot see any of your traffic. The only thing the attacker can do is look at your unencrypted traffic.
On the business side, the KRACK Hack should not greatly impact you. It is more likely to affect your at-home WiFi connections, and public WiFi connections, such as Starbuck’s Free Wifi.
How do you avoid getting hacked?
Hybridge recommends that you update your Wireless Access Points, and other devices, to the latest firmware as soon as possible. Do not use any public WiFi connections for anything important or business related.
If you are a Hybridge client with our recommended Meraki WiFi network, then we have already upgraded your systems and you are no longer vulnerable. If you are a Hybridge client and do not have Meraki WiFi, then we are in the process of reaching out to your network vendors for release patches.
If you are not a Hybridge client, or for your home WiFi, just stay on top of firmware updates for your network infrastructure, and avoid any websites or insecure email systems (like Yahoo or Godaddy) that are not encrypted.
As always please contact us at info @ hybridge.com or 888-353-1763 for a consultation with any questions or concerns.