The value of keeping your systems up to date – don’t get Kracked!
19 December 2017
In the past month a significant vulnerability was discovered in the most commonly used type of secure wifi.
Dubbed “KRACKAttack”, it allows someone on the same wifi network as you to gain access to your information by replaying the security keys exchanged between your computer and the wifi modem. All modern wifi networks are at risk.
The attacker can potentially steal credit card numbers, passwords, email or chat messages, or inject malware or ransomware into websites as you are downloading them.
The key here is that any device using wifi is potentially vulnerable and you need to patch or update your computer/phone/tablet as soon as possible.
This is critical if you use any of your devices on a public wifi system, such as those available for free in restaurants, hotels or airports, because you will have no idea whether they have been patched and need to assume they haven’t. In general we advise avoiding these connections where possible and relying solely on 4G data on the device. A little inconvenience for a big increase in safety.
Windows and Apple have released updates already. Android devices are particularly vulnerable and thus far there is no fix available for them; these users should avoid using wifi until a fix is released.
Many other vendors already have patches for the vulnerability, but some will take time and others, particularly older devices, may never be fixed. It is worth checking that your device has been receiving updates and that you are not delaying any requests to install patches or restart.
- Aim to keep all your devices patched – if they can update automatically then ensure that is enabled and actually working
- Ensure your anti-virus is regularly downloading updates; don’t just set and forget
- Update your wifi router firmware (or get your IT person to)
- Use public wifi only when absolutely necessary and limit logging in to your online accounts when you are on public wifi
- If you do go to sites that you have to log in to, ensure they are all HTTPS:// sites – the extra layer of encryption should prevent wifi eavesdroppers from reading what is transmitted; thankfully many sites use such encryption by default these days