On Monday, a serious weakness was discovered in WPA2, a protocol that secures all modern protected Wi-Fi networks. The flaw allows potential attackers to leverage this vulnerability to break into the WPA2 security model and steal data flowing between wireless devices and the targeted Wi-Fi network. What’s so concerning about this particular attack—dubbed “KRACK,” which is short for key reinstallation attack—is that it works against all modern protected Wi-Fi networks, allowing attackers to not only read and steal information transmitted across Wi-Fi, but also potentially manipulate the data or insert malware.
So, what exactly is this KRACK attack and why is it so threatening? Considering that it is National Cyber Security Awareness Month, it’s even more critical that IT service providers understand what’s at stake given this newfound vulnerability. Here’s everything you need to know about the recent KRACK attack news, who’s most at-risk from this vulnerability, and the steps providers can take to mitigate these risks.