KRACK SECURITY INFORMATION
To our valued ConnectAnza Members:
You may have heard about the recent WiFi security issue, the “Key Reinstallation Attack” (or KRACK), that was discovered by researchers and announced on Monday, October 16. KRACK takes advantage of a vulnerability in the WPA2 WiFi security protocol that nearly all modern WiFi devices use, which exposes these devices to eavesdropping and potentially even malware injection.
ConnectAnza works continually to ensure that our fiber optic network is safe. We are working with our equipment manufacturers to install upgrades and patches that address the issue. However, it is important to note that KRACK is primarily a “client side” vulnerability. This means that any KRACK attack would be directed at the device that is connected to the WiFi router or access point- not the router or access point itself. To be safe from this attack you must update your personal devices that use WiFi (smart phones, laptops, tablets etc.). The patches we install on the ConnectAnza network will not address the vulnerability of your personal devices.
As of October 18, Microsoft has already issued a fix for Windows versions 7 through 10, and Apple is currently working on patches for all their devices. Android phones and tablet updates will be released by the various hardware manufacturers. The important thing to remember is to update all of your devices as soon as the updates become available. While there have been no reports of this vulnerability having been exploited outside of a laboratory, we urge you to take the privacy of your data seriously.
As always, please contact us at 951-763-4333 or visit our website at www.connectanza.org if you have further questions or concerns.
Happy and safe computing!