The key reinstallation attack (KRACK) targets the four-way handshake of the WPA2 protocol and relies on tricking a victim’s device into reusing an already-in-use key. It affects WPA2 Personal and Enterprise, irrespective of the encryption ciphers used by a network.
Unlike in ransomware such as the WannaCry attack, the weakness that the KRACK attack exploits is the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. This could effect any wireless device.
The best thing you can do is update your router and devices like smartphones and PCs. Updates may not yet be available. Microsoft said an automatic security update issued last week had fixed the problem for Windows 7, 8 and 10 users. A Google spokesperson stated: “We’re aware of the issue, and we will be patching any affected devices in the coming weeks.” Apple said it had developed updates to iOS and MacOS that were in testing and would be released within weeks.
Akita is an expert IT security partner, with over 25 years of experience. Find out more about our cyber security offering:
View More