As you may have heard, a serious new Wi-Fi security exploit – “KRACK Attack” – was discovered earlier this week, which potentially allows attackers physically close to your building to be able to intercept secure data (including passwords, emails, etc.) transmitted via your Wi-Fi.
This is not a scam or fake news, but a legit threat to be taken seriously. Here is a video you can watch if you’re interested in the technical details: https://www.krackattacks.com/
WPA2 (the most common method used for wireless network security) is reported to have a serious flaw that allows a malicious attacker to potentially remove encryption, then be capable of seeing everything that’s transmitted via the Wi-Fi network. (This could be login and passwords, credit card and banking info, etc. and can all occur without your knowledge).
This attack can work against ALL modern protected WiFi networks, and any device that supports Wi-Fi is potentially vulnerable. We are taking this issue extremely seriously and wanted to communicate our recommendations:
Suggestions
- For now, we strongly recommend turning off WiFi connection for all devices (smartphones, tablets, laptops) if at all possible, and only accessing internet via Ethernet (hardwired) connection.
- Wireless device Operating Systems will be issuing updates ASAP, we strongly recommend completing the updates as you receive them (i.e. IOS, Android, Windows Phone, etc.)
- HOWEVER please be weary of ‘fake’ update alerts you may see. If you aren’t sure, screenshot and email to us, we will be happy to open a ticket and have one of our technical staff check it out for you.
- Until this is resolved, do not access any sensitive websites (email, banking, Facebook, etc) over the Wi-Fi connection, as hacker could obtain any password you type into a website as well as monitor your online activity
Plan of Action
- As any “IT Emergency” situation, we are asking clients to please not call our office relating to this, unless you are experiencing an urgent situation (asking non-urgent questions via email is OK)
- Please restart your computers tonight & every night as to receive important patch updates as soon as they are released (Microsoft has already released patch)
- We are working on obtaining updates to wireless devices as soon as they are released and will reach out to all ITCare clients to coordinate as soon as they are available
Please Note
- This also applies at home and in public wi-fi (school, starbucks, etc) – please use same precautions (i.e. not using Wi-Fi, not accessing sensitive websites – including email, social media, banking, etc.)
Please let us know if you have any questions. We will keep you updated as we find out more information.
Stay safe out there!
You must be logged in to post a comment.