Issue 43.17
By now, you have probably heard that a problem exists with nearly all wireless networks including the one you likely have in your home or business. The WPA2 encryption system is used on 60% or more of the wireless networks around the world. It was regarded as a very difficult to hack protection for wireless networks until last week. Researchers found a vulnerability that any reasonably capable hacker could exploit. This would give them access to your computer files, keystrokes, pictures and online history. While it is unlikely you have been targeted, it is important that you protect yourself and your information from this new threat.
This can also affect devices you might not have thought of such as mobile phones, tablets, printers and home convenience and entertainment devices such as TV’s, NEST, Amazon Echo and Google Home. The devices would likely not be harmed but malicious content could be inserted into them or information on how you use them and their content could possibly be read.
Another less pervasive security threat was discovered on the same day. The combination of the two issues has professionals and hardware manufacturers scrambling to assure that their systems are not compromised and their customers hurt by this. The two pervasive problems are named KRACK and ROCA and are both things you need to be aware of and take precautions against.
The good news is you likely will not have to buy new equipment unless your wireless hardware (modems, routers and other network devices) are old enough that no updates are being scheduled. For most hardware less than five years old, the manufacturers are creating updates or “patches” that will address the problem. You will likely need to find out how to update the “firmware” in those types of devices however and apply them as soon as they are released. Most manufacturers will send you a notification if you registered your hardware and give you instructions. If you are not registered, you may need to visit their website to find instructions or read the owner’s manual.
Some of the companies that have specifically indicated they have updates for at least fairly recent equipment include Microsoft, Meraki, Netgear and Sierra Wireless. They have all posted updates for at least some of their products. Companies that claim they are not affected are Lenovo, Arista and VMWare. Most others are working on the problem and expect to post solutions on their websites or inform users that they are already taken care of in the next few days. By the time this is published, most companies should have fairly clear ideas and procedures to resolve the problem, but you will want to check – especially for your modem, router or network switch and your computers and tablets.
Some manufacturers have built their products with automatic updating and will “push” the solution to your equipment as it becomes available which will solve the problem. You should not, however, expect that to be the case. You can check current information for a broad range of companies by going to https://www.bleepingcomputer.com/news/security/list-of-firmware-and-driver-updates-for-krack-wpa2-vulnerability/ and reading through their list.
Take the time to make sure you are safe, and as always – make sure you remember to protect your data, documents, pictures and your computer, phone and tablet by always backing up anything important.
Shaun McCausland has worked in the computer industry for over 34 years, 27 years of it locally with Bits ‘N’ Bytes and Musicomp and currently works as a computer consultant. If you have questions you can reach him at 435-668-7118 or mccausland.shaun54@gmail.com .