Last week two new highly critical announcements were made regarding security of wifi networks and public key encryption.
The first is with the “WPA2” security that is commonly used on secured wifi networks. This vulnerability exposes most wifi networks to attack. Not only does it expose the network to attack, but it can defeat the SSL encryption that covers “https” websites rendering them insecure.
A hacked wifi network would expose any computer on that network, as well as exposing confidential information passing across the network such as usernames, passwords, and credit card information.
This vulnerability affects virtually all devices that use wifi networks, and will need to be patched as soon as the equipment vendor issues the patch or update to cover this issue.
The second is related to public key encryption that is commonly used to authenticate software installs, encrypted emails, and so forth.
Your wifi devices need to be updated as soon as the updates come out. This will include evaluating your router and making sure it gets the update, as well as making sure any other devices such as the below are updated. Older Windows and Mac’s are no longer being updated, so they will remain vulnerable and should be retired as soon as possible.
- Desktop workstations
- Laptops/notebooks
- Mobile phones
- Tablets and e-readers that use Wi-Fi
- Home and office routers
- Home devices like NEST, Amazon Echo and Google Home
- Printers, both home and office, that use Wi-Fi
- Any other device that uses Wi-Fi
Team Veritas can check your devices and make sure they get updated, or provide help replacing devices that are no longer being supported by their respective vendors. Just give us a call.