Category: Security
Author: Sally-Ann van Nuland, Edwin van Wijngaarden

WPA and WPA2 protocol not secure

Researchers of the KU Leuven have discovered a risk in the current WPA and WPA2 protocol. The protocol is meant to ensure security therefor the leak names Krack; Key Reinstrallation Attacks, has mayor consequences for the security of all modern WiFi-networks.  

What is the problem? When a user is connecting a device this user is using an identical key which can only be used once, technically. The reseachers of KU Leuven have figured out a way to reuse this key. By reusing it they can open a way to the data of the initial user that is using the network.

Who is bothered by it? In principle this error goes for all modern WiFi-networkd, but there is a significant risk for Linux- and Android devices with de verison 2.4 and 2.5 of the WPA suppliant. The use of macOS Sierra 10.12 is a risk as well. The wellknown iOS en Windows 7 and 10 are not receptive for Krack.

Public hotspots are known for being a risk. Since 75% of the public hotspots are secured by the WPA or WPA2 protocol they are vulnerable for this hack.

What to do with WPA and WPA2? WPA and WPA2 are still the best protocol options when it comes to security of the WiFi network. Going back to the former WEP is not an option, since this protocol has been proven vulnerable altogether. The only real solution is to update the software per device and keep it up to date every time.

The risks for companies Employees are using more and more different devices and locations to do their job. Think of the apps that Oliver IT has developed for truckdrivers and such. Is is important that these devices are uodated with the latest software versions. Do you want to know more about security? Feel free to contact us below.

Specific questions?

Enter your e-mail address and Oliver IT will contact you as soon as possible!

Done! We will contact you soon!
Ardiles Mozesz Consultant
Ardiles Mozesz