Wireless Security - KracAttaCK
Published in Wireless Security · Monday 16 Oct 2017 · 2:15
Published - 10/16/2017
WPA and WPA2
KracAttaCK
You may have heard the news recently released on Monday, 10/16/2017,regarding wireless security.
The report is known as "KrackAttaCK" (Key Reinstallation AttaCKs).
There are many news reports coming from this. One of the myths spreading already, is that if you access a site using secure protocol, HTTPS, you are safe. This is simply not true.
The fix has 2 sides.
1. Protect your own network and site. The wireless equipment must be upgraded, replaced or patched. This is manufacturer dependant, on what they will do. Many manufactures will be late to the game, if ever arriving at all. It is likely older equipment will never be patched. WPA and WPA2 were released in 2003 / 2004 as an "Industry Standard Security Protocol", and is not a manufacturer specific software code. The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. There is a lot of unsupported legacy equipment out there, to say the least, using WPA and WPA2.
Litecom's currently deployed enterprise wireless solution manufacturer, has already generated a software update to mitigate the issue, from the wireless manufacturers standpoint. New Litecom installations from 10/19/2017 forward, will include the fix as stream line.
Please open a ticket thru the ticket portal, if you wish to have the update applied, or your current wireless solution evaluated or replaced. This is highly recommended.
2. Based on reports, Keep your computers at current OS, and update levels.
If you are a current Litecom RMM Customer, we are already taking care of this for you.
Litecom recommends our RMM enterprise service
We recommend Litecom performing a complete network evaluation for security risks.
You can review the Mid-Level document describing the issue at, https://www.krackattacks.com/ from the engineer (Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven) whom discovered the issue.
Please open a ticket thru the ticket portal, if you wish to have the update applied, or your current wireless solution evaluated or replaced. This is highly recommended.
We recommend Litecom performing a complete network evaluation for security risks.