Wireless Devices Subjected to Risk of Hacks with Wi-Fi Security Flaws
WiFi technology has become an indispensable part in our everyday lives. It has grown from a promising technology for tech-savvy early adopters to a must have for connected devices of all kind, as most of us are keen to tap into the wireless Internet from our offices and homes. At this point, researchers have revealed that there is a major flaw dubbed Key Reinstallation Attack (Krack) and Wifi connections used everywhere around the world are at risk.
Though modern higher-reliability Wi-Fi networks have their traffic encrypted by a protocol WPA or WPA-2, which protects data as it travels from a computer or smartphone to a router, if exploited, gives the attacker a skeleton key to access any WPA2 network without a password. When a system uses Wifi to connect to a router for instance, it goes through a four-step dialogue, whereby the two devices agree a key to use to secure the data being passed—called handshake. This attack starts by tricking a victim into reinstalling the live key by replaying a modified version of the original handshake. Meanwhile, a number of important set-up values can be reset, which renders certain elements of the encryption in a much weaker phase. Once they are in, they can hijack connections, and inject content into the network traffic stream. The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices—positioning all the Wifi supported devices at risk.
Windows and the advanced versions of Apple’s iOS are greatly protected from the flaws, according to a researcher. To cite an example, few months back the ransomware attacks locked up computers worldwide, demanding payment from people and companies in return for renewed access to vital information and systems. However, with all these flaws the trend in Wi-Fi dependence is not slowing down, it is rather significantly increasing with greater consumer expectation.
By Tom Farrah, CIO & SVP, Dr Pepper Snapple Group
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Phil Jordan, CIO, Telefonica
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Dennis Hodges, CIO, Inteva Products
By Bill Krivoshik, SVP & CIO, Time Warner Inc.
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sven Gerjets, SVP-IT, DIRECTV
By Marie Blake, EVP & CCO, BankUnited
By Lowell Gilvin, Chief Process Officer, Jabil
By Walter Carvalho, VP & Corporate CIO, Carnival Corporation
By Mary Alice Annecharico, SVP & CIO, Henry Ford Health System
By Bernd Schlotter, President of Services, Unify
By Bob Fecteau, CIO, SAIC
By Jason Alan Snyder, CTO, Momentum Worldwide
By Jim Whitehurst, CEO, Red Hat
By Marc Jones, Distinguished Engineer, IBM Cloud Infrastructure