Enterprises must use hype cycle around KRACK vulnerability to push for network segmentation: of AppGuard

Enterprises should use this hype cycle around KRACK to persuade stakeholders to properly segment wired and wireless networks, if that has previously been opposed, says Mike Fumai, COO and President of AppGuard

Must Read

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the protection flavours (always-on or on-demand)

How tech bolster security of online gaming platforms

The rise of online gaming and is evident throughout the world’s financial capitals with the UK, US, and a few other European nations at the forefront

Explained: The evolving nature of cybersecurity threats

Concerns such as hacking and the presence of computer viruses have existed for decades in one form or another. As technology evolved over the years, so did the cybersecurity  threats themselves.

Recently cybersecurity researcher Mathy Vanhoef of Belgian University, KU Leuven discovered serious weaknesses in WPA2, a protocol that secures all modern connection. He said that if not patched properly, an attacker within range of a victim network can exploit weaknesses using key reinstallation attacks (KRACK) to access sensitive information like Password and Credit Card details. Some of the big technology companies like Cisco, Microsoft, Apple, Google and Netgear among others have started patching their exposed solutions. TechObserver.in M Kalam spoke to Mike Fumai, COO and President of to understand different aspects of KRACK vulnerability and what steps businesses should take to prevent KRACK attack. He said, “Enterprises should use this hype cycle to persuade stakeholders to properly segment their wired and networks, if that has previously been opposed.”

What KRACK vulnerability means for Wi-Fi enabled devices and what kind of devices are most affected?

Android device owners are most impacted. Apple and Windows only affected in special cases. Even so, the risk is not great until weaponized tools make this easy for hackers to use. And even then, they must be within WiFi radio range to do so. The worst case involves such tools getting installed on already compromised endpoints so hackers can remotely snoop on WiFi traffic. At any given moment, there are millions of endpoints around the world with malicious remote administration tools (RAT) secretly operating on them. For the enterprise, those that have poorly segmented wired from wireless traffic are the most exposed.

What enterprises can do to prevent KRACK attack?

On their endpoints, enterprises must add an extension or add-on to web browser, such as HTTPS everywhere. This ensures that all web traffic is encrypted, regardless of WiFi. Most sensitive browser traffic tends to be HTTPS encrypted anyway. Also, they should verify that their email clients are also set for HTTPS/TLS enabled.

What steps businesses should take moving forward to make their system robust from security point of view?

I think, they should use this hype cycle to persuade stakeholders to properly segment their wired and wireless networks, if that has previously been opposed. They should also check to see which of their devices are vulnerable and if patches are available for those at http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=228519&SearchOrder=4

Businesses should also watch for and implement device patches as they come. They should do this before any compromised endpoints in enterprise get tools installed on them to steal data in motion through their WiFi. Businesses need to stay vigilant, this is neither the first nor the last time risks like these arise.

What could happen if businesses do not address this challenge?

Sensitive data in motion can be captured, possibly even manipulated.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Sapience Analytics signs distribution agreement with Redington

Sapience Analytics and Redington said that they have entered into a distribution agreement where latter will resell the Sapience Vue solution through its network of over 30,000 channel partners, system integrators, and value-added resellers countrywide.
- Advertisement -SAP Hana

Related Articles