Wednesday, October 18, 2017

Security Round-Up: WPA2 Vulnerability, Ransomware & More

Among the news of hurricanes, wildfires and flooding, there are many virtual threats  occurring that are important to know about. New threats are released every day, attacking physical hardware, operating systems, protocols, types of users, companies, and more. Some are annoying, some are malicious, while others lie in wait for the best opportunity to use the information they gathered. 

Occasionally a security issue is released that affects the majority of devices, applications or protocols that the majority of people use. The following threats affect items you are likely using every day.

Security Round-Up: WPA2 Vulnerability, Ransomware & More

WPA2 Vulnerability

A brand new threat to the use of wireless was recently exposed. Key Reinstallation Attack, aka KRACK, is a widespread vulnerability that can affect every device using Wi-Fi. This attack undermines the most common wireless encryption used, Wireless Protected Access 2, or WPA2. WPA2 is used to protect users' information when data is exchanged with websites on the Internet and other computer networks.

The KRACK attack convinces users to reinstall an already in-use WPA2 key that can later be modified. These keys should only be used once but this attack can reuse them, thereby allowing the data sent to be intercepted without the end user ever knowing. The good news is that this attack requires an attacker to be physically connected to the network to target the attack. As such, be especially cautious using public wireless.

Patches are currently being released to address this new vulnerability. Some companies have already released updates while others are working closely with manufacturers to release updates. It is important to know it will take time for all devices to receive these patches once they are released.

For more information about this attack read the article at

Locky Ransomware

Another new Ransomware attack was recently released and it contains a malicious VBS script. The purpose of the attack is to encrypt your files and prevent you from accessing them without paying for a decryption key. This attack can be devastating because it uses a common form of communication that many users expect at their workplace. 

The unique aspect of this attack is that people receive emails disguised to look like they are being sent from an onsite multi-function printer. Users are sent emails with attachments using a subject of "Message from MC_C224e", appearing to come from a Konica Minolta C224e. Instead, the email includes a version of Locky Ransomware. 

The scan to email feature on multi-function printers is a key feature for many users and companies. Since users can scan documents and select the recipient to receive the email with the attachment, and given how common this feature is utilized, it is easy to see how users could be tricked by this attack.

For more information about this attack, read the article at 

SSL Certificates

Secure Socket Layer Certifications, or SSL Certificates, are used to secure communication over the Internet and other computer networks. An SSL certificate verifies that content being received is from the correct sender. This means when you visit a webpage, the information displayed is indeed coming from where you expect it.

SSL is most notably in action when signing into banking sites, ordering online or filling out online forms. A secure webpage is denoted by the s following http at the beginning of a webpage URL, or universal resource locator. The lock next to the URL is another sign of a secure connection provided by an SSL certificate.

Until recently, SSL certificates could be purchased for periods up to 3 years in length. This allowed administrators of networks sufficient time to replace them, as replacement is a process with a specific set of steps and requires some time. Unfortunately, this longer period of time also delays widespread compliance with new guidelines, presenting security threats to end users. As a result, the length of time has been reduced to 2 years. This new regulation is effective beginning on March 1, 2018. 

While this change presents more work for network administrators, it will increase the protection for all users. For more information about this new rule, read the article at

In summary, there will always be new threats to the security of our devices, whether they are attacking physical components, applications or protocols. The WPA2 vulnerability affects nearly all wireless devices. Ransomware is an attack that encrypts all files on a device to prevent users from accessing their own documents. SSL certificates protect users when browsing the Internet and other networks but need to be updated more regularly to fully protect end users.

These examples are just a few of the attacks currently going on. As always, the more you know about what is out there, the better prepared you will be to protect yourself!

Enjoy this post? Subscribe to our Blog

No comments:

Post a Comment