The name of the vulnerability is KRACK and there are some risks associated with WiFi systems and the interception of your data by a third party.
Please note, the threat from this vulnerability is not high as the conditions required to activate the attack are relatively difficult to achieve. In addition Windows and iOS are not exposed to the more severe aspects of the vulnerability which lessens exposure yet again.
However, Linux and Android appear to be the most exposed and any updates available should be run on those devices (given android updates are dependent on individual ‘vendors’ this may be difficult so the precautions below should be taken).
We have listed below some general precautions for Cyber Security that you should follow at all times:
- Don’t use any public (untrusted) Wi-Fi unless absolutely necessary (i.e. McDonalds, Starbucks, etc…).
- Make sure when entering any login or sensitive information, your web browser is using https (look for the padlock).
- Disable automatically joining new Wi-Fi networks.
- Apply any available patches to your PC’s and electronic devices – mobile, tablets.
- IoT devices are most vulnerable as they are unlikely to have any ‘fixes’ developed or applied. Just be conscious of this when purchasing and connecting those kinds of devices to your network.
- Use this as an opportunity to review your staff’s awareness of security threats in general.
- Even though the threat is not high it is still important to alert staff and develop good habits through increased awareness of the variety of threats present.
Do you have P2 equipment?
The Manufacturer of P2 have acknowledged that some P2 WiFi Access Points has a vulnerability to this recent KRACK threat. P2 are currently working on a firmware Hotfix to address this vulnerability. The firmware hotfix will be made available by the 30th of November 2017 and ITConnexion will be in touch to arrange the firmware update as soon as it is available.
Models that affected are:
- Z100
- Z500
- X33 Mesh Ranger.
Please note, the following models are not affected: Smart Virtual Fibre products including X20, X32 and X32e.
Please feel free to contact [email protected] for any questions.
Regards The ITConnexion Helpdesk
#wifi #KRACK #cybersecurity #managedsecurity
