Critical – What You Need to Know About KRACK

A serious vulnerability, called KRACK, has been found in the security protocol (WPA2) that is used by the majority of wireless networks world-wide.  This vulnerability opens up the possibility of potential hackers stealing critical and sensitive data by just being in range of a vulnerable

The attacker within range of a victim can use these weaknesses to read information that was previously assumed to be encrypted and unreadable.  Information such as credit card numbers, passwords, chat messages, emails, photos, documents etc are at risk.

Devices that are affected are not just desktop or laptop computers but also smart phones, including Apple devices and Android devices, routers and firewalls and anything that can connect to a wireless network.

The Good News

The good news is that it’s what we call a shallow bug, nearly every device that uses Wi-Fi is vulnerable but the hack is difficult to execute.  The hacker would need to be within Wi-Fi range of the network you are connected to, to carry out the ‘hack’.  This dramatically reduces the risk that the average person will be targeted but the risk is obviously still there if you’re on a vulnerable network or have a vulnerable device.

What should you do?

  • The first thing to do is patch your computer systems.
  • Update your iPhone and Android phone with the latest patches.
  • Patch your routers and firewalls.
  • Investigate what other wireless devices you have and
  • speak to the manufacturer of your smart devices and ask what their plans are for remediation.

Other pre-cautions you can take:

  • Stay off free wi-fi and use 4G instead.
  • Use a paid, secure VPN

You need to be extremely careful with public Wi-Fi

Patching your own device doesn’t guarantee you’re safe if you connect to a public Wi-Fi network that hasn’t been patched.  That’s because if you are sending information through the unpatched access point on that Wi-Fi network it can still be looked by people who are connected.

So places like the local coffee shop could have unpatched Wi-Fi networks for a long time to come.

Should I change my password?

It won’t make any difference. KRACK doesn’t need your password to get access.

Who needs to fix it?

Basically the manufacturers of any wireless devices need to issue patches that remediate the threat, however, some manufacturers are notoriously bad at issuing patches so we could see vulnerable Wi-Fi networks and devices for years to come, especially smart devices including tvs, webcams, security cameras, alarm systems etc.

These smart devices rarely receive the necessary software updates to correct issues and because this threat impacts the whole industry rather than being specific to the device it requires a co-ordinated effort to fix it, which will be a long and drawn out affair.

On the positive side:

  • Microsoft have already released a security patch.
  • Apple will be rolling out a software update in a few weeks.
  • Google Mobile will be rolling out a software update in a few weeks.
  • Samsung Mobile are still investigating and will roll out patches where needed.

If you need any assistance with your cyber security or you don’t know where to start please call us on  1300 478 738 or email us at

Contact Us

This field is for validation purposes and should be left unchanged.

Find out how we can help with your IT challenges.

About the author:

Picture of Ash Klemm

Ash Klemm

Ash has over 20 years of experience in sales and marketing. His journey from a casual salesperson at Chandlers to State Manager at a national IT distribution company, while battling health issues, including a double lung transplant in 2015, gave him the experience, know-how, tenacity, and marketing insight, to find solutions and help businesses grow. After spending several years in the ivory tower of state management, Ash missed the genuine connection of face to face meetings and helping make a difference to businesses in need. His authentic, conversational, and easy-going nature helps our customers feel at ease and shows them we are a brand to trust. Ash spends his days advocating for our customers to ensure they receive the best possible service in a timely fashion. Ash is also the in house chair builder. His curiosity and natural problem-solving ability make him the perfect first call for all our new customers to help determine what is wrong, how Surety IT can help and what the best solutions are moving forward.
Scroll to Top