Sunday, November 26, 2017

KRACK Attack Leaves WPA2 WiFi Encryption Hacked - Do this...

The video below explains Key Reinstallation Attacks (aka KRACK), for the technically curious. 

The short story is your communications privacy over WiFi is at risk. This includes your:
  • emails, 
  • texts,
  • photos,
  • log-in ID's and passwords, 
  • credit card numbers, 
  • and even your communications to websites which normally use https:// encryption. 
In short, anything you assume is encrypted is up for grabs.

Solutions
  • Update your system software to the latest version. This includes all your devices which use WiFi.)
  • Update software on WiFi appearance points (APs) which implement the standard 802.11r (a.k.a. Fast-BSS Transition). This affects business WiFi more than residential WiFi.
  •  Upon connecting to a website make sure you see https:// and the locked symbol. 
Check here for additional information about KRACK solutions.

Risk Levels
Your risk of being a victim is highest whenever you use a public WiFi system. Risk is also high in densely populated areas.