The Wireless Krack: Relative Risks

The recently and widely announced weakness in the wireless security protocols in use pretty much everywhere has been alarming and has caused great concern for some of our customers, but let's weigh the risks.


This is an attack on the client portion of the protocol that deals with how the encryption is negotiated. Pretty much every device that uses the WPA protocol is affected. This means nearly every network-enabled device and every company network everywhere, regardless of make or model.

For detailed info read more here: https://www.krackattacks.com/

That's scarily massive in scope! But let's see why I think this Krack is not as big a cause for worry as it's been portrayed in the news.

1) Physical proximity is required! - In order to carry out this attack, the attacker needs to be within range of your wireless network. For most, this is still 30m from your wireless access point. If someone wants your data so badly that they will take the risk of putting themselves in close physical proximity, then they will likely find other, less hazardous ways to get to your info. A phishing scam is 1000 times more likely to cause a breach in your security, and these are launched against your staff multiple times a day, every single day.

2) UPDATES! If you update regularly you are going to be fine! This is a newly discovered hack and vendors are already distributing patches for their equipment. For our clients we select reputable vendors, who I can see have already released fixes within days of the public announcement. Together with our automated patching regime for clients' laptops and our regular onsite maintenance, which includes updating the firmware of network devices, this vulnerability will quickly be addressed.

Take it easy out there and remember: "loose clicks sink ships".

Daniel