WPA2 Vulnerability Threatens Healthcare Network Security

WPA2 Vulnerability Threatens Healthcare Network Security

Lindsey Duncan
October 18, 2017

Just yesterday, we told our readers that a vulnerability has been detected in WiFi encryption protocol, WPA2, due to which hackers can hack into a WiFi network and sniff the internet traffic extracting important information.

The flaw was dubbed KRACK for Key Reinstallation AttaCK because it allows attackers to insert a new "key" on a Wi-Fi connection that keeps data private.

While some websites and apps may use HTTPS as an additional layer of protection, it can still be bypassed by a hacker.

In the meantime, avoid connecting to public Wi-Fi networks.

Bigg Boss 11: Complaint filed against Salman Khan by evicted contestant
From Shilpa Shinde , Arshi Khan to Akash Dadlani, he has been in a tiff with every "controversial contestants" in just one week. Bigg Boss asks the padosis to choose one more contestant to nominate by entering the house themselves, by wearing a mask.

All modern protected Wi-Fi networks use the "four-way handshake", which implies all these networks can be affected by an attack, Vanhoef said.

Finnish security firm F-Secure said experts have always been cautious about Wi-Fi's ability to withstand security challenges of the 21st century. "This issue can be resolved through straightforward software updates, and the Wi-Fi industry, including major platform providers, has already started deploying patches to Wi-Fi users".

The US-CERT researchers noted that 41 percent of all the Android devices are vulnerable to an "exceptionally devastating" form of the Wi-Fi attack. The Krack vulnerability, which was identified by a security researcher overseas affects nearly all devices including computers, mobile phones, routers and smart TV. This version of the wpa_supplicant clears the encryption key from memory once it is installed the first time allowing the researchers to insert an all-zero encryption key which, in turn, allows traffic to be easily intercepted with this known key. Several wireless AP vendors already have patches available for installation. Google says it'll do so in the coming weeks. And you can watch the video above for additional information.

Finally, consider browsing the Web with an extension or browser add-on like HTTPS Everywhere, which forces any site that supports https:// connections to encrypt your communications with the Web site - regardless of whether this is the default for that site. The ideal solution right now would be to unhook these devices from the Wi-Fi network, and check with the manufacturer for KRACK patches. Apple, Android and Windows software are all susceptible to some version of the vulnerability, which is not fixed by changing Wi-Fi passwords.