Is your WiFi KRACK’d?

  • Date: October 30, 2017
  • Author: Josh Peldo - Network Analyst

Recently some major announcements were made about a security vulnerability called KRACK in WiFi password security.  While I could bore you with the details of how the hackers could exploit this, the important thing to know is that its legit and you should definitely take action.  This affects residential systems as well as business systems and the main reason this is a problem for most users is because of 1 simple reason.  When was the last time you updated the firmware in your router/firewall? The firmware is the software inside the hardware that makes the unit operate.  Almost every unit I see has basically the same firmware the product was shipped with and the KRACK vulnerability exploits a feature that was standard in most Wi-Fi protocols for the last 10 years.  Using the KRACK vulnerability, hackers gain access to your WiFi network without knowing your WiFi passwords.

                So what should you do?  1st, Business customers should never use residential grade routers and firewalls.  I cringe when I walk into local gas stations, main street shops, or grocery stores and see a router they purchased from Walmart because it was cheap.  There’s a reason their cheap and the firewall protection these offer is minimal.  2nd thing to do, if you don’t want to upgrade your router/firewall you should definitely upgrade the firmware.  To do this, you find the make and model of router you have, download the proper firmware from the manufactures support website (make sure its actually from the manufactures website, not a wholesale firmware warehouse type website)  and log into the administration portal of the router/firewall and upload the firmware you just downloaded.  Insider tip…download a backup of your settings before upgrading!!!  There’s always a chance something goes wrong in the upgrade so its always nice to have a backup to fall back on. 

                Readitech does offer managed firewalls and also managed WiFi.  With this service we maintain the proper updates and services that protect users from KRACK’s like this.  If you’re interested in hearing more let me know. 

 

Josh