The three Titans, Google, Microsoft and Apple address security issues with KRACK.
Just when everyone thought Wi-Fi was safe, that illusion was recently shattered. Security researcher Mathy Vanhoef has discovered a vulnerability that he’s calling “KRACK.” The flaw is in the WPA2 protocol, and everyone’s Wi-Fi network is at risk of being hacked. The vulnerabilities include HTTP content injection, packet replay, decryption, TCP connection hijacking and more. Hackers could gain access to credit card numbers, photos, passwords, and emails. The WPA2 woes will have an impact on both home users and business users.
Apple, Google, and Microsoft
Microsoft was the first Titan to respond to the news. “We have released a security update to address this issue, says a Microsoft spokesperson in a statement to The Verge. Customers who apply the update, or have automatic updates enabled, will be protected. We continue to encourage customers to turn on automatic updates to help ensure they are protected. Microsoft says the Windows updates released on October 10th protect customers, and the company withheld disclosure until other vendors could develop and release updates.” Apple is also on top of its game. Patches and fixes for tvOS, watchOS, macOS, and iOS are in beta and will be released in a software update shortly. Google is scrambling to fix the issue and will do patches on any affected devices over the next few weeks.
The new security flaw has been described, innovative and unprecedented, and it’s really up to the Titans to properly address the problem. Apple, Google, and Microsoft are fully aware that once they fix this vulnerability, another one will be on the horizon. Cybercriminals will always find and exploit vulnerabilities. It’s always an endless cycle.
Other smaller tech companies have also responded to the KRACK security bug. “Cisco also said it had published a security advisory to detail which products are affected, and a blog to help customers better understand the issue. Fixes are already available for select Cisco products, and we will continue publishing additional software fixes for affected products as they become available,” a spokesperson said. “Intel confirmed it was working with its customers and equipment manufacturers to implement and validate firmware and software updates that address the vulnerability. It also released an advisory.”
What Consumers Should Do About the KRACK Security Bug
All Wi-Fi users should take steps to protect themselves and their devices. They must manage their router patches and settings. In addition, consumers should avoid using public Wi-Fi networks. Any security updates provided by Apple, Google, and Microsoft should be installed on both routers and devices. Norton offers a Wi-Fi vulnerability alert and privacy. It will encrypt traffic and protect against identity thieves. Your information will be invisible to hackers.
Public Wi-Fi is a top target for cybercriminals. It’s important to note that these Wi-Fi access points aren’t well secured. Airports, coffee shops, shopping centers, and hotels are prime hunting ground for hackers trying to steal personal information. KRACK is just another tool in the cybercriminals arsenal.
For consumers whose smartphones, PCs and routers don’t yet have updated solutions, there are still some steps that can be taken to protect online privacy. VPN software can offer protection since it encrypts all traffic. Although changing a Wi-Fi password won’t specifically prevent a KRACK attack, it’s still advisable.
How do attackers implement KRACK? There are several conditions that must be met. First, the cybercriminal must be within physical proximity of the user. Second, the user’s device must be wirelessly enabled. Third, the cybercriminal executes a man-in-the-middle to intercept traffic between the user’s device and the wireless access point.
Decades to Uncrack KRACK
It will take decades to uncrack KRACK. The challenges go way beyond a mere patch and are not limited to just tech devices. For example, the company Netgear took immediate action after the KRACK attack. Fixes were available for dozens of router models. But, the company makes over 1,000 router models. Each needs to be tested, and the company will need partners to do a full fix. How long will that take? These challenges aren’t unique to Netgear either. It just underscores how ill-prepared the industry is in this type of calamity. This just covers routers, too. What about Wi-Fi IoT devices? The KRACK vulnerability could affect security cameras, garage doors, and even appliances.
Keep in mind that “There is no evidence that the KRACK vulnerability has been exploited maliciously, and Wi-Fi Alliance has taken immediate steps to ensure users can continue to count on Wi-Fi to deliver strong security protections, read a statement published by a Wi-Fi industry trade group. This issue can be resolved through straightforward software updates, and the Wi-Fi industry, including major platform providers, has already started deploying patches to Wi-Fi users. Users can expect all their Wi-Fi devices, whether patched or unpatched, to continue working well together.” That should keep consumers and businesses from panicking.
All around, the key to fighting a cyberattack is in the hands of the top three Titans and other major players in the technology industry. New defensive strategies must be employed, and the public needs to be educated and updated on current threats when using technology for home or business. However, with Google, Apple, and Microsoft at the helm, we should all be in good hands.
“My passion for quality IT service is at the forefront of my career.”
Lance Skipper Client Engineer
Always at your service to provide the highest level of quality support to our customers.
Anthony Firth Client Engineer
“I’m passionate about building and fostering relationships, and finding solutions for success.”
Michael Koenig Client Account Manager
“Enabling IT to become an effective and valuable partner by delivering premier customer service and quality IT solutions achieving business goals.”
Jake Parrott Business Development Manager
“Serving the client through IT solutions is my passion. A happy client is a happy me.”
Jason RichardsonClient Engineer
“Striving to provide friendly and quality service to our customers”
Ted Rorabaugh Client Engineer
“I help clients stabilize and grow their IT infrastructure so they can focus on growing their core business.”
Josh Wilshire Systems Engineer Team Lead
“Providing courteous, quality IT service for our customers.”
Rich Yoest Rapid Response Team Supervisor
“Striving to be your trusted adviser and IT teammate in accomplishing all your business goals”
Brandan Bishop Client Account Manager
“I strive to provide the highest level of quality service to our customers.”
Tommy Williams Sr. Hardware Engineer
“I’m driven by the steadfast belief that technology must serve as a business enabler. This mantra has driven 21
Years of successful partnerships.”
Stephen Riddick VP Sales & Marketing
“CSP doesn’t succeed unless your company succeeds.”
Stephen Allen Inventory Manager
“Through my intuition and genuine concern to help others I have built long-lasting relationships with our customers, co-workers and business partners.”
Scott Forbes VP Support Services
“Every day, I work with clients to help plan the future of their businesses.”
Michael Bowman vCIO
“Your IT problems become our IT solutions.”
Mark McLemore Project Engineer
“Managing internal and external operations to ensure that CSP provides quality and reliable customer service .”
Margie Figueroa Business Manager
“Helping customers get the most out of their IT Infrastructure.”
Marc Gillet Project Engineer
“Providing quality internal and externals financial support to our customers and accounting support to CSP.”
Katie Steiglitz Accounting Administrator
“Your satisfaction is our #1 priority.”
Heather Moore Project Manager
“Some call me the CEO. I call myself the Cheerleader for an awesome team!”
William B. Riddick Founder & CEO
“CSP is here to assist you with your IT needs.”
Beth Wylie Inside Sales Manager
Thinking ofHiring A New IT Company?
On What Questions You Need To Ask Before Signing Any Agreement.