A top federal government cybersecurity watchdog issued an advisory on Monday, warning users to update their devices to protect against a newly discovered vulnerability that affects nearly every modern, protected WiFi network.
That showed that a widely used encryption system for wireless networks could give attackers an opening to steal sensitive information such as emails, chat histories and credit card numbers.
The exploit would allow hackers to eavesdrop on Internet traffic between computers and wireless access points. The findings are significant because of the wide range of devices that could be affected.
The attack works against all modern protected Wi-Fi networks
In a statement, Microsoft said the company “released security updates on October 10th and customers who have Windows Update enabled and applied the security updates, are protected automatically. We updated to protect customers as soon as possible, but as a responsible industry partner, we withheld disclosure until other vendors could develop and release updates.”
Apple did not immediately respond to a request for comment, but Vanhoef noted that iOS and Windows devices were not the most vulnerable to the exploit. The attack, however, is “exceptionally devastating” for devices that run Android 6.0, Vanhoef found. Google said in a statement, “We’re aware of the issue, and we will be patching any affected devices in the coming weeks.”
Even when Internet users connect to secure websites that use the HTTPS protocol, they may still be at risk. “Although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations,” he said.
While he acknowledged that some of the attack scenarios discussed in his research are impractical to pull off, he said the bottom line is that you should still “update all your devices once security updates are available.”
What To Do Next:
- Current Managed Services Client of Adam D Technology, LLC
-You will be taken care of as part of our service delivery obligation
-email us at firstname.lastname@example.org if you’d like more information
- Try Yourself
-find the device(s) that provides wireless connectivity in your home or business
-take down the model number and navigate to the manufacturer’s support site
-download the most up to date Firmware
-update your wireless device and double check all settings to confirm update took
-make sure your computer has the most recent update from your Operating System builder
- Let Adam D Technology do it for you
-Fill form below to schedule a technician to fix your KRACK
–or call 520.762.7614 or email us at email@example.com
- Share with your friends to make sure their KRACK is not exposed
–Share on Facebook