WPA2 isn’t Secure.
By Tyrese Garvie | Pink Connect
Recent research has uncovered several major vulnerabilities in the centre of WPA2 (Wi-Fi Protected Access II). The vulnerability allows crafty criminals to sit on your network and listen to internet communications (record passwords, gather information from messages, etc.).
In the thirteen years that WPA2 has existed, it has gained a somewhat trustworthy reputation and rightfully so – it has been, up to this point in time, fairly secure and a standard to be followed by. However, the protocol has been deemed insecure after a concept attack proved successful and has now put millions in fear of their network being infiltrated and their data stolen. Almost all telecoms companies that provide basic consumer routers come with the WPA2 standard. Don’t worry if you’re a Pink Sentinel Customer, you still have world-class protection securing your business and any bugs and problems are updated within 24hrs – not the coming weeks that Google has promised.
The attack method has been given the name ‘KRACK’ (Key Reinstallation Attack). KRACK allows access into the router without even using the password at all. The attack is deployed by exploiting a 4-way handshake of the WPA2 protocol that establishes a key for encrypting traffic. For KRACK to work, the attacker must be in ‘physical proximity’ to the network – this means that more than ever, public Wi-Fi is vulnerable to MITMA (Man-In-The-Middle-Attacks).
Want to know if you’re secure? Call us on 0345 450 9393 or email sales@pinkconnect to receive a free audit for your place of work.