Protecting Yourself Against Wi-Fi KRACK Vulnerability

You may have heard in the news about the Wi-Fi vulnerability called KRACK. This vulnerability could cause a Wi-Fi network to become compromised.

First Bank & Trust’s online banking and mobile banking encryption is protected against this vulnerability, even if the Wi-Fi network being used to access bankeasy.com is not protected.  It is still advised to check your Wi-Fi network is protected against this vulnerability, in order to keep all online activity encrypted and protected. There are measures you can take to ensure your Wi-Fi network is safe.

What is the vulnerability?

The Wi-Fi vulnerability is called KRACK, which is short for Key Reinstallation Attacks. Security protocols in Wi-Fi networks have a weakness that could be exploited by in-range attackers by forcibly reinstalling keys on the Wi-Fi device. Then it will be able to route around HTTPS and encryption and eavesdrop on all communications on the network. There is also the potential to manipulate data or inject malware over the Wi-Fi network. Hackers can use this new attack technique to read information that was previously assumed to be safely encrypted. This new vulnerability can be used to steal sensitive information such as credit card numbers, passwords, emails, chat messages, photos and so on. 

What Wi-Fi devices are at risk for the vulnerability?

The KRACK vulnerability affects a foundational component of any corporate or private network. In this case, most Wi-Fi networks that use WPA2, also known as Protected Access 2, appear to be vulnerable.   

Know How to Protect Yourself

Until all access points and end points have been patched, assume your WPA2 enabled network is no more secure than public Wi-Fi. 

Check for updates or patches to your access points and install Windows updates as soon as a patch for KRACK is made available.  If necessary, contact your network vendors directly.

If you have never updated the firmware on your wireless access point (AP) – either at home or work – now is a great time to do so.  Be sure to change the default username and password if you’ve not done so as well.

If your wireless AP is 5+ years old and no longer supported, it might be time to look for a newer, modern AP.  A couple hundred dollars (or less) can increase your wireless speeds and provide better security.

If you are entering sensitive information, ensure the website has “https://” in the web address and the “lock” symbol is in place.

Utilize SSH tunnels, VPNs, etc. where possible for additional layers of security.

Ask questions and be attentive. If you aren’t sure if this affects you or your devices: it does. If you work with a vendor to secure your network, please ask your vendor how they will help secure your Wi-Fi once again.