KRACK enables any adversary to insert himself between any device – smartphone, tablet, laptop, etc. – and a WiFi hotspot. Once in, the hacker monitors traffic traveling between those two points. He can then steal credit card numbers, emails, passwords or other sensitive data or inject malware or ransomware into selected messages.
This weakness isn't in just certain devices or WiFi equipment. It's in the WiFi WPA2 encryption protocol itself. This makes KRACK effective against all modern protected WiFi networks. While companies like Microsoft, Apple and Google are in various stages of developing and issuing patches to their users, this does not ensure the problem is solved.
Consider the ongoing saga of Heartbleed.
This tiny flaw in OpenSSL allows anyone to quietly and easily plunder vulnerable systems and make off with passwords, private crypto-keys and much more. At the time its existence was announced in April 2014, Heartbleed was considered one of the most catastrophic bugs ever. Patches were hurriedly developed and issued to users.
Yet, nearly three years later, more than 200,000 patchable systems remain Heartbleed-exploitable. Simply put, patches only work when people install them.
The best way to combat KRACK is to use a network that's invulnerable to it. IPSec tunnels, VPNs and Dispersive™ Virtualized Networks (DVNs)are NOT susceptible to the technique.
Of these three, DVN offers advantages unavailable from the other two. It can provide your remote and mobile users secure, reliable and high-performance connectivity unavailable from VPN. The DVN also provides more control and flexibility, and order-of-magnitude improvements in speed, security and reliability.
A remote access device attached to an IPSec-based network can pass vulnerabilities across the IPSec tunnel to the entire network. Remote users may also have difficulty connecting to the corporate network due to firewall issues at the guest site. These problems do not exist with DVN.
DVN defeats man-in-the-middle threats with our patented, split-traffic multipath approach to data connections. Our software splits sessions into multiple independent streams and then sends each stream across a unique path on the Internet. Each stream has a different encryption key. These streams roll paths every minute, keeping your data-in-motion safe from a range of threats, including KRACK attacks.
Find out more about how DVN can benefit your enterprise. Email us at firstname.lastname@example.org or call us at 1-844-403-5852.