Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How to crack KRACK: Action plan from Malaysian security experts

AvantiKumar | Oct. 24, 2017
Here are some guidelines from CyberSecurity Malaysia and digital security experts for IT admins and internet users on how to stay safe from the latest exploit - KRACK.

Advice for IT Admins

  • Apply system patch where it is deemed necessary. Subscribe to CERT notices and get alerted when fixes are available
  • Monitor any rouge clone Wi-Fi Access Point (AP) in the network and close it down you have a corporate VPN, ensure all staff uses the VPN for any WI-FI connections. You may want to take the opportunity to also encourage people to use personal VPN for their personal use
  • Ensure systems are updated. As soon as a patch is released, ensure any device that connected to a Wi-Fi network is updated. This is a great opportunity to remind others why updating is so important, to include enabling automatic updating
  • In general, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming).

  Advice for users:

  • Be cautious when selecting Wi-Fi AP especially on public network
  • Make sure to check on available Wi-Fi AP list and avoid choosing the one that has more than one similar SSID
  • Use VPN if possible on public network.
  • Use specific mobile apps instead of the browser version (e.g. Facebook, WhatsApp, Gmail and etc.) because the mobile apps are utilising certificate pinning and eliminates SSL-Stripping.
  • Where possible, use Ethernet cables and connect directly into the network, rather than using Wi-Fi.
  • If tethering is not possible or you do not have a VPN, ensure any online activity is natively encrypted. This step is more limited as some encrypted sessions (such as browsing) may also include unencrypted traffic. Another option is to use HTTPS Everywhere plugin for browsers. Always use encrypted sessions.

Fong added. "This is the *largest scale* of vulnerability impact in the history of WPA protocol. We have not even touched on the impact surface of the Internet of Things (IoT), which may be using WPA.  Krack's impact may turn out to be far more serious than we know today."

CyberSecurity Malaysia's MyCert has issued an advisory and the appendix below gives contact details to report suspected cybersecurity attacks. (See - www.mycert.org.my/en/services/advisories/mycert/2017/main/detail/1288/index.html)
 
  To see some latest local digital security news, visit:

 

Previous Page  1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.