There is rising concern regarding the recent discovery of the Key Reinstallation Attacks (KRACK) WPA vulnerability. This notice is intended to explain KRACK and address your concerns… CSSI is committed to delighting our customers by providing top-notch service and support!
What is the KRACK WPA vulnerability?
At a high level, the KRACK vulnerability is the potential for interception, manipulation and replaying of cryptographic handshake messages. This could allow hacker to intercept communications between wireless computers, printers, etc. as the devices are connecting to wireless access points on a network. After intercepting the wireless traffic, the hacker could reuse the encrypted keys to connect an unauthorized device to that network.
What standards and devices are vulnerable?
The vulnerability is known to affect WPA, WPA2 and AES encryption standards, and affects nearly all manufacturers.
How can CSSI help?
Our focus in alerting our customers of the KRACK WPA vulnerability is to ensure all are informed of the risk associated with devices that CSSI sells and supports, as well as to aid in correcting the vulnerability. We are here to help, and want to provide you with the information required to secure your wireless infrastructure.
CSSI is monitoring vendor patch release schedules to help ensure the security of our customers’ AIDC/RF computers and label/tag printing devices. As device patches become available, the CSSI support team is here to assist with the deployment of the appropriate patches.
For more information regarding KRACK vulnerabilities, please visit the following sites: