Jenna Thompson, News Reporter • October 30, 2017
A vulnerability in the most commonly used Wi-Fi security encryption, that affects nearly every wireless device, was publicized this month.
The vulnerability, called the Krack, makes it easier for hackers to steal passwords, bank account numbers and other personal information.
The Krack affects WPA2, the standard Wi-Fi encryption, which converts information into data to prevent unauthorized access to devices and accounts.
“If they (hackers) do it right, they can read basically everything you are sending and receiving … browsing data, even passwords you are sending over WiFi,” Jason Hubler, a junior in the College of Engineering, said.
This type of vulnerability is nothing new to the world of Wi-Fi. The original Wi-Fi encryption, WEP, was damaged so much that people could no longer safely use it, and this is when the new standard WPA2 became the safer option beginning in 2004.
While the Krack is a big deal, it is not nearly as serious as a security breach.
Jeremy Edson, an Information Security Officer from Marquette’s IT department, said that even though researchers have found a vulnerability in WPA2, there is no evidence that this could directly lead to a major breach of personal data.
Hubler said this Krack is something to definitely keep in mind, however, there is no need to go into full technology panic since there is one big limiting factor that can keep hackers from stealing data.
“For a hacker to do this to a person, the hacker has to be within physical range of the same Wi-Fi network that person is using,” Hubler said.
According to Hubler, this means a hacker would have to be right outside someone’s house or apartment to steal information. However, he said one can never be too safe.
As far as a potential threat to campus, Edson feels confident about Marquette’s cyber safety.
“My feeling is that there is less of a risk on a large campus network since we have a well-trained IT staff that is charged with maintaining and updating the infrastructure,” he said. “Vulnerabilities like these are a reminder that we should never rely on a single technology to secure our data.”
In response to the Krack, Edson said students should update all devices, run malware scans, and be careful what personal information is released online.
Fortunately, for most smartphone users, the vulnerability will be fixed in the coming weeks, if not already. Microsoft had already updated software to protect their users from the Krack. Other companies, like Apple and Google have their updates in beta, so auto updates ensure phones are running on the latest security software.
Coincidentally, the news of the Krack was publicized during National Cyber Security Awareness month.
Mary Simmons, the Senior Director of IT, reminds students to remember the National Cyber Security Awareness month slogan, “Stop. Think. Connect.” while locating the cyber world. Making sure personal information stays personal is extremely important said Simmons, “Once that information is stolen, it is very difficult to get back.”
Anyone can claim they do wireless site surveys, including those that walk around using free utilities that check for basic signal strength, without any training or understanding of how wireless works. That may be fine if you only need basic Internet connectivity, but if your network supports mission-critical applications, you need a professional-grade solution.
Our methodologies are what differentiate us from our competition. We start with the belief that combining the best tools and training with years of experience leads to the best wireless solutions available. Our formula for success includes the following:
Expert Certified Personnel
We start with a commitment to having the best trained personnel possible. We only employ or contract with Certified Wireless Network Professionals (CWNP).
We are proud to be a member of the prestigious CWNE roundtable, an exclusive committee of wireless experts dedicated to developing the highest level and most respect vendor-neutral certification in the wireless industry, as well as writing technical whitepapers.
Predictive models, also known as virtual site surveys allow us to efficiently and accurately identify the number of access points required, as well as their initial placement and configuration. Modeling is ideal for creating "what if" scenarios that show us the effects of changes in real time. Our designs always start with a model which we then validate.
RF Spectrum Analysis
Because wireless networks operate in unlicensed frequencies, potential interference from numerous devices such as microwaves, cordless phones, Bluetooth devices, video cameras, etc. can have a significant negative impact. RF spectrum analyzers are the only devices that can identify physical-layer interference, and no onsite wireless site survey is complete without this service.
Onsite Site Surveys / Validation
When the highest degree of accuracy is required for your mission-critical applications, there is no substitute for a professional-grade manual site survey.
Our surveys start with temporarily mounting the same access points and antennas that will be permanently installed. We then use professional-grade software to test not only for signal strength, but Signal-to-Noise ratio (SNR) to test the signal's viability, interference and data rates. Our thorough approach is the most accurate solution available.
Our reports spell out the facts, and leave no doubt in the customer's mind as to what the wireless network does or will look like.