KRACK Vulnerability Update 17/10
As you may have seen on the TV or read from recent reports a vulnerability has been identified with security of wireless networks know as KRACK. This affects all wireless networks that use the industry standard WPA2 protocol.
The Short Version:
Don’t Panic, but do make sure all your devices like phones and computers are kept up to date with manufacturer security patches as Apple, Microsoft and Google are all going to release patches.
The Long Version:
There are two potential risks that one could imagine – the risk to our Radio network that is based on similar technology to the WiFi in your house and the WiFi network that actually is in your house.
Firstly, all risks are theoretical at the moment as whilst the weakness has been discovered by some researchers, there is at the moment no known use of that weakness by malicious software.
Our WAN is less likely to be vulnerable as the equipment is based on a manufacturer that uses some proprietary protocols that mean some extra work on top would be required to hack it. But in any case the manufacturer of that equipment has already released some patches to it and will release more in the coming days – that we will apply to each part of our network meaning that it will not be even theoretically vulnerable.
With regard to the network inside your house all of the major companies (Apple, Google, Microsoft) have announced patches and you should apply them to your devices when they become available – normally this just means keeping your device up to date
The vulnerability affects the client connection and not the Access Point (which in most cases is also your router) however, if we supplied your router (and you have not changed the admin password) we will be updating the router firmware as updates become available. Whilst the upgrade take place you will notice a service disruption of up to 15 minutes.
If you have any further questions or require any further information please do not hesitate to connect the CFWN office on 01349 805040 or email firstname.lastname@example.org.