WLAN security gap KRACK

A vulnerability affecting all wireless networks was discovered recently. The vulnerability was found in the encryption protocol WPA2, which is the standard encryption protocol used in wireless LAN networks. This is also why this vulnerabilty affects almost any WLAN device (Smartphones, IoT-Devices, Laptops, Personal Computers, etc.) and operating system (iOS, Windows, Linux, Android, etc.). The vulnerability enables a third person to read the wireless communication in plain text, although this communication appears to be encrypted. This implies: unless you are using other security mechanisms (such as HTTPS or VPN while surfing), your data transmitted through a WLAN network may be intercepted and read by a third person.

 

The manufacturers are currently working on security patches for their systems. It is of utmost importance to check for these updates and install them. Many devices are configured to check for these updates automatically.

 

We recommend:

– Check for security updates and/or make sure that these are being installed automatically
– If updates were installed, reboot your device
– Use a VPN if you are transferring sensitive data
– When transmitting sensitive data through your browser make sure that your connection is encrypted by additional means (“Https” or the lock icon appear in your address bar)
– However, do *NOT* change the WLAN encryption to an older standard such as WPA oder WEP as these are insecure.

If you have questions or issues please do not hesitate to contact us during our opening hours or per e-mail.