Vulnerabilities in Wireless Networks

Posted in Announcements

Cyber Alert: Critical Vulnerabilities Reported with Wireless Networks

You may be aware of a widespread vulnerability that was reported last week affecting most everyone and every device that uses a general Wi-Fi connection.  This vulnerability – called KRACK (Key Reinstallation Attack) – allows hackers to intercept some of the traffic between your device and the Wi-Fi router that you are connected with, and potentially view any unencrypted online activity and data (including credit card numbers, passwords, chat messages, e-mails, photos, and other similar data), even if you are using a “secure” Wi-Fi connection.  Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”
The vulnerability is due to a flaw within the commonly used Wi-Fi security protocol, Wi-Fi Protected Access (WPA 1&2), that is relied upon by most Wi-Fi networks to secure online traffic.  To prevent a potential attack, everyone must update all affected devices & products as soon as security updates become available – this includes all computers, mobile devices (phones & tablets), home routers, and other Internet connected / “smart” devices. 
Please note that if your device supports Wi-Fi, it is affected. Researchers discovered that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks.
Impact to Georgetown University:
UIS is currently examining the impact of this vulnerability on GU networks and systems and working to determine how the University could be impacted.  UIS will work to remediate any concerns as necessary and appropriate to ensure a continued secure online experience for the Georgetown University community. 
While this vulnerability is real and a concern to everyone, please note that to currently exploit this hack, any attacker would need to be in range of your device and connected to your Wi-Fi network, so they can’t attack you from miles and miles away.
In the meanwhile, you can continue to use GU wireless networks and systems as normal – keeping in mind the precautions listed below: 

Update your devices: As stated earlier – the most critical step you can take to prevent a potential attack is to update all devices & products as soon as security updates become available – this includes all computers, mobile devices (phones & tablets), home routers, and other Internet connected / “smart” devices.

Focus on HTTPS connections: You can mitigate risks by prioritizing encrypted internet traffic over unencrypted traffic and websites properly configured with HTTPS have an additional layer of protection against this vulnerability.  You can also consider installing a browser extension available for Google Chrome, Firefox or Opera, called “HTTPS Everywhere” – available from the non-profit organization, the Electronic Frontier Foundation.  If a website offers unencrypted access (HTTP) and encrypted access (HTTPS), this extension automatically directs your browser to use the HTTPS version to encrypt your traffic.  Please note that the extension will not be effective if a website still relies exclusively on HTTP, or if a company has a poor implementation of HTTPS.

Consider avoiding general public Wi-Fi networks:  You should always be cautious of connecting with unknown Wi-Fi networks, but you may also want to avoid public Wi-Fi networks (e.g., in cafes, hotels and airports) in general until security patches are fully updated and you have assurance that patches have been applied.  You may consider using a cellular connection in the duration as cellular network access is not affected by this vulnerability.

Other: Use VPN access when connecting via Wi-Fi – while VPN access may not be a full guarantee of security against this hack, it will greatly help reduce the risk. If available and practical, you can also consider using a direct Ethernet connection for online access.