Nonprofit Resources

print

Vulnerability Affecting Wi-Fi Networks Discovered

print
Researchers in Belgium have discovered a vulnerability affecting WPA2 (Wi-Fi Protected Access), which provides encryption on many Wi-Fi devices.

Hackers who exploit KRACK, as the vulnerability has been named, could take control of Wi-Fi networks that use WPA2. This would enable hackers to access sensitive information and introduce malware and ransomware into the Wi-Fi network.

It’s important to note that this affects all Wi-Fi-enabled devices, including:

  • Any Windows, Apple, or Linux desktop, laptop, or server with wireless chips or cards
  • Smartphones
  • Tablets and e-readers
  • Consumer and enterprise-grade routers
  • WiiFi-enabled printers and copiers
  • Internet of Things (IoT) devices (smart TVs, thermostats, alarms, security cameras, etc.)

We strongly recommend that you take these steps to protect your organization:

  • Update your Wi-Fi-enabled devices and routers as soon as possible, and keep them updated. This list shows which vendors have released patches. It will be updated as new patches become available, so check back frequently if your vendors aren’t listed.
  • Avoid using public Wi-Fi.
  • Only connect to secured websites and services. A secure connection will include HTTPS in the URL.
  • If possible, connect your computer to your router with an Ethernet cable rather than using Wi-Fi.
  • If you use a paid VPN service, enable the connection full-time until this risk is addressed.
  • Watch for suspicious activity near your office. Hackers need to be in range of the Wi-Fi signal to exploit the vulnerability.

The good news is that this vulnerability can be remedied, and you can protect your organization by being proactive.

Please contact us at cybersecurity@capincrouse.com with any questions about this or other cybersecurity issues.

Lisa Traina

Lisa is a partner at Traina & Associates, a CapinCrouse company. She uses her more than 30 years of experience to assist organizations in implementing measures to secure data and manage risks efficiently and effectively. She is a nationally recognized speaker and author, and serves on the AICPA Cybersecurity Task Force. Lisa founded Traina & Associates in 1999 to provide IS security services to a broad range of industries. Traina & Associates joined CapinCrouse in January 2017.

Leave a Comment