New Hacking Method Puts WiFi Users At Risk

14 NOVEMBER 2017

By: Douglas V. Dimola

Last month researchers released a disturbing report about a new man-in-the-middle attack technique called KRACK (Key Reinstallation AttaCK).

KRACK enables any adversary to insert himself between any device – smartphone, tablet, laptop, etc. – and a WiFi hotspot. Once in, the hacker monitors traffic traveling between those two points. He can then steal credit card numbers, emails, passwords or other sensitive data or inject malware or ransomware into selected messages.

This weakness isn’t limited to certain devices or WiFi equipment. It’s in the WiFi WPA2 encryption protocol itself. This makes KRACK effective against all modern protected WiFi networks. While companies like Microsoft, Apple and Google are in various stages of developing and issuing patches to their users, this does not ensure the problem is solved.

Consider the ongoing saga of Heartbleed.

This tiny flaw in OpenSSL allows anyone to quietly and easily plunder vulnerable systems and make off with passwords, private crypto-keys and much more. At the time its existence was announced in April 2014, Heartbleed was considered one of the most catastrophic bugs ever. Patches were hurriedly developed and issued to users.

Yet, nearly three years later, more than 200,000 patchable systems remain Heartbleed-exploitable. Simply put, patches only work when people install them.

The best way to combat KRACK is to use a network that’s invulnerable to it. IPSec tunnels, VPNs and Dispersive™ Virtualized Networks (DVNs) are NOT susceptible to the technique.

Of these three, DVN offers advantages unavailable from the other two. It can provide your remote and mobile users secure, reliable and high-performance connectivity unavailable from VPN. The DVN also provides more control and flexibility, and order-of-magnitude improvements in speed, security and reliability.

A remote access device attached to an IPSec-based network can pass vulnerabilities across the IPSec tunnel to the entire network. Remote users may also have difficulty connecting to the corporate network due to firewall issues at the guest site. These problems do not exist with DVN.

DVN defeats man-in-the-middle threats with our patented, split-traffic multipath approach to data connections. Our software splits sessions into multiple independent streams and then sends each stream across a unique path on the Internet. Each stream has a different encryption key. These streams roll paths every minute, keeping your data-in-motion safe from a range of threats, including KRACK attacks.

Find out more about how DVN can benefit your enterprise. Email us at info@dispersivegroup.com or call us at 1-844-403-5852.
