Just when you thought you might be getting a handle on internet security, there’s a new threat.  Called KRACK (short for key reinstallation attacks), the new threat involves weaknesses within the WPA2 security protocol for Wi-Fi networks.  All modern protected Wi-Fi networks can be attacked. If your device supports Wi-Fi, it is most likely affected.

KRACK can be used by a hacker who is near a Wi-Fi access point.  The hacker can trick a device into reinstalling one of the encryption keys that is already being used. The hacker can then pilfer all information sent and accessed via mobile phone, laptop, or any product connected to Wi-Fi.  This allows the theft of sensitive information such as credit card numbers, passwords, chat messages, emails, photos, etc.

Changing your Wi-fi password won’t fix the problem. The only fix will be installing security updates when they’re published by device manufacturers.  Check out updates on this website https://www.fixkrack.com/ with links to manufacturers with the latest patches for KRACK.  Install the updates as soon as they are available.  You will also need to update your devices including your iPhone, Android, iPad, Windows Phone, Windows laptop, iMac, MacBook Pro, Linux  etc, as soon as updates are available to manage the risk to your devices.

The KRACK Attack threatens all wireless networks and wireless devices. Your IT staff should be working to mitigate this risk for your office, but it’s also vital that you update your personal devices as soon as patches are available.

If you have any questions about this or any other loss prevention topic, please contact:

Gretchen Koehler Mote, Esq.,

Director of Loss Prevention
Ohio Bar Liability Insurance Company