The world’s standard for wifi encryption is now hackable. Though it has long-since replaced WEP and WPA, the hacking of WPA2 brings wireless security awareness back to the forefront (and there’s a small chance that awareness is enough … for now). Here we’ll explain exactly what the hack entails and then offer suggestions on steps we can all take (specifically as business owners).
So, what exactly is the issue?
From reports, the exploited weakness in WPA2 is in interception of traffic between the wifi device and the WAP (Wireless Application Protocol). The encryption (WPA2) is now less secure but the fact still remains that in order to intercept the traffic, the interception must occur within the device signal. This means that someone in another region will not be able to look at the traffic, they would be in your office building, or otherwise well within range.
Also, the encryption of web traffic to secured sites (with the lock displayed) is still encrypted (even if it is now visible to those hacking in).
What is the immediate impact?
1) We don’t have all the information yet but this hack does not come as a huge shock since everything is under attack, as we’ve seen in the news the last few years;
2) Wifi should never be used in placed of a secured land line for production/business/transaction purposes (it is also highly susceptible to environmental interference);
3) Important parts of the web, particularly financial, are still encrypted outside wifi encryption. Hackers are still stuck with the security acceptance via the bank or service you are connecting to, which is a saving grace. However, this wifi hack could, in turn, turn that security detail into a higher priority target.
4) Maximum security can be achieved through multiple layers of protection on top of most business-level security applications. An introduction to the difference between products & applications vs. a signal device & mechanism can help business owners make an informed decision on what type of security they need.
Technology is evolving and the weaknesses will always be there. The real insecurity is when someone is specifically looking for breachable moments in your activities. Although simple awareness may be enough today, hackers are working around the clock to find new ways to navigate every standard encryption model available. Recent history has proven that we don’t know which one they’ll crack next and security companies around the world are doing their best to keep up with the threat.
How can you make your business more secure?….
In Part 2, we’ll explore, in further detail, some measures that business owners can take to ensure their business is protected.