In the early 2000s, you probably remember when researchers discovered some vulnerabilities that put the nail in the coffin of Wired Equivalent Privacy (WEP), a security protocol used to protect Wi-Fi communications. Essentially, this WEP vulnerability meant that attackers could quickly crack WEP encryption, and see all your wireless traffic. At the time, this flaw caused a major uproar, and forced the industry to design a new Wi-Fi security protocol, Wi-Fi Protected Access (WPA).
Unfortunately, a Belgian researcher has found a number of vulnerabilities in WPA2’s 4-way handshake. Like the WEP issue, these flaws could allow wireless hackers to decrypt your employees’ Wi-Fi communications. The good news is, unlike the WEP vulnerability, you can patch these WPA2 problems. Watch today’s Daily Byte video to learn a bit more about the Krack WPA2 attacks, and what you can do about them. I also recommend you check out the reference section below for links to much more information.
Episode Runtime: 8:31
Direct YouTube Link: https://www.youtube.com/watch?v=-biQTSUk0Lc
EPISODE REFERENCES:
- The Krack attack destroys nearly all Wi-Fi security – Ars Technica
- Researcher’s whitepaper on the Krack Attacks [PDF] – MathyVanhoef.com
- Official Krack Attacks website – KrackAttacks.com
- WatchGuard’s response to the Krack attacks – WatchGuard.com
- CERT’s Krack attacks vulnerability note – US-CERT
- ICASI’s Krack attacks page – ICASI.org
- Microsoft already patched the Krack attacks – Engadget