New Hacking Method Puts WiFi Users At Risk



By: Douglas V. Dimola

Last month researchers released a disturbing report about a new man-in-the-middle attack technique called KRACK (Key Reinstallation AttaCK).

KRACK enables any adversary to insert himself between any device – smartphone, tablet, laptop, etc. – and a WiFi hotspot. Once in, the hacker monitors traffic traveling between those two points. He can then steal credit card numbers, emails, passwords or other sensitive data or inject malware or ransomware into selected messages.

This weakness isn’t in just certain devices or WiFi equipment. It’s in the WiFi WPA2 encryption protocol itself. This makes KRACK effective against all modern protected WiFi networks. While companies like Microsoft, Apple and Google are in various stages of developing and issuing patches to their users, this does not ensure the problem is solved.

Consider the ongoing saga of Heartbleed.

This tiny flaw in OpenSSL allows anyone to quietly and easily plunder vulnerable systems and make off with passwords, private crypto-keys and much more. At the time its existence was announced in April 2014, Heartbleed was considered one of the most catastrophic bugs ever. Patches were hurriedly developed and issued to users.

Yet, nearly three years later, more than 200,000 patchable systems remain Heartbleed-exploitable. Simply put, patches only work when people install them.

The best way to combat KRACK is to use a network that’s invulnerable to it. IPSec tunnels, VPNs and Dispersive™ Virtualized Networks (DVNs)are NOT susceptible to the technique.

Of these three, DVN offers advantages unavailable from the other two. It can provide your remote and mobile users secure, reliable and high-performance connectivity unavailable from VPN. The DVN also provides more control and flexibility, and order-of-magnitude improvements in speed, security and reliability.

A remote access device attached to an IPSec-based network can pass vulnerabilities across the IPSec tunnel to the entire network. Remote users may also have difficulty connecting to the corporate network due to firewall issues at the guest site. These problems do not exist with DVN.

DVN defeats man-in-the-middle threats with our patented, split-traffic multipath approach to data connections. Our software splits sessions into multiple independent streams and then sends each stream across a unique path on the Internet. Each stream has a different encryption key. These streams roll paths every minute, keeping your data-in-motion safe from a range of threats, including KRACK attacks.

Find out more about how DVN can benefit your enterprise. Email us at or call us at 1-844-403-5852.

Similar Blogs

Resilience in Motion

Resilience in Motion

Last weekend a number of people and businesses experienced widescale service disruption, network slowdowns, and other issues as a leading carrier grappled with significant challenges with their network.

read more
The Future of Industrial IoT Networking Secures Edge Cloud Computing and Data

The Future of Industrial IoT Networking Secures Edge Cloud Computing and Data

Dispersive announced last week it has developed a combined offering with ClearBlade, a pioneer and fast-growing Industrial IoT software and platform company delivering sophisticated connected systems for large enterprises. We’ve been working together in our labs and behind the scenes to bundle ClearBlade’s award-winning and widely deployed IIoT solutions (which support edge, cloud and enterprise systems, big data collection, analytics and real time control systems), to make it easier for customers to benefit from zero-touch commissioning, management, and zero-trust networking.

read more