By Natalie Bluhm Posted January 5, 2018
In the past year, IT admins and consumers have witnessed some pretty brutal cyber attacks. From new vulnerabilities in protocols to outdated devices and software, IT admins have been especially hard-pressed to increase security in their environments. Securing devices in response to cyber attacks on WiFi networks is a security requirement that IT admins can’t afford to ignore.
When the KRACK attack occurred in October 2017, we put together a security briefing where we discuss a list of five things you can do to improve your WiFi security, and using secure devices is at the top of the list. Our advice about using secure devices doesn’t just pertain to KRACK though, and is good advice to heed in general for network security – especially when new cyber attacks are surfacing routinely.
Using KRACK as an example, this post, covers how to secure devices in response to cyber attacks. If you are interested in the comprehensive KRACK security briefing and the 5 steps you can take to improve WiFi security, feel free to check out the blog post here and watch the video here. In them, we discuss taking these 5 steps:
- Use patched, secure devices
- Avoid public WiFi
- Browse securely (https)
- Leverage existing VPNs
- Implement RADIUS
Now let’s quickly review what KRACK is, and then we’ll discuss steps you can take to secure your devices in response to cyber attacks like KRACK.
KRACK Cyber Attack Overview
The Key Reinstallation Attack (KRACK) allows an attacker to take advantage of vulnerabilities within the WPA2 protocol and gain the ability to read information that is supposed to be encrypted, like credit card numbers and passwords. The interesting aspect of this attack is that it has nothing to do with how a user accesses or authenticates to a network. Instead, this attack compromises the protocol that encrypts information passed through the network. So, if you unknowingly are using a KRACKED network and use a WiFi enabled device to purchase something or log in into an account, the attacker can read your credit card information or the username and password to whatever account you logged into. Unfortunately, because of the nature of this attack, there was not a whole lot users could do to remedy it initially. Users needed the device vendors to release a patch to fix this vulnerability. Still, whether your devices have received a patch or not, it is crucial to reevaluate your WiFi security posture, and there are actionable steps IT can take to secure devices in response to cyber attacks like KRACK.
Step 1: Use Enterprise Grade Devices
The first step is to use enterprise grade devices. Home routers from your closet or BestBuy may not be able to receive the updates that address these vulnerabilities when they occur. Also, these lower-end devices don’t typically offer the most secure means for network authentication. They commonly use a WPA2 passphrase or SSID, and those could be cracked even before the KRACK vulnerability. Any person with Kali Linux running on a Linux box can walk outside your house and crack your password. So with that said, we don’t want to bring these lower-end routers into the enterprise.
Step 2: Use Patched Devices
The second step is to make sure your devices are patched. In the wake of a major cyber attack, it is common for online communities to develop lists of patches from major vendors. In the case of KRACK, GitHub and Reddit both produced a list of the vendors that have been affected and their status on patches. These two sources are included below. Please note that JumpCloud is not endorsing either of these sites and cannot guarantee their credibility.
Reddit: Vendor Patch Status Megathread
If your devices are not on these lists because they are too old to receive patches or just don’t have the capability to receive them, it’s time to throw those away and start using industrial grade devices.
Step 3: Use RADIUS
The third step in securing your WiFi devices is to implement RADIUS. If you’re familiar with RADIUS, then you are well aware of how difficult configuring and managing a RADIUS server can be. With JumpCloud’s RADIUS-as-a-Service, we take care of the uptime, availability, and security of RADIUS infrastructure, and you simply get to enjoy the benefits of a more secure network.
RADIUS-as-a-Service, or cloud RADIUS, can significantly improve your WiFi security because it allows IT to have every employee authenticate using their own unique credentials. This eliminates the need for insecure behaviors like having a shared password or writing the password on a whiteboard that anybody can see. In addition to removing this IT blind spot, RADIUS also makes it easier to deprovision access to the network when an employee leaves. When you’re using JumpCloud, a user’s credentials can be tied to their system, apps, storage, and WiFi. With a couple clicks in JumpCloud’s admin console, IT admins can quickly remove an employee’s access not only to the company’s network but to all the other company assets the employee was using. Besides improving security, cloud RADIUS also creates less hassle for end users because there won’t be a WiFi password change each time an employee leaves.
Securing Devices in Response to Cyber Attacks like KRACK
As vendors and IT organizations adjust to KRACK WiFi vulnerabilities, using enterprise grade, patched devices with RADIUS can greatly improve network security in your IT environment. Additionally, implementing RADIUS no longer has to be a painful, time consuming process with our cloud RADIUS. Plus, you can also centralize all of the IT resources in your environment. With our cloud-based directory, IT has the ability to manage user access to Mac, Linux, and Windows systems, LDAP and SAML based applications, and on-prem or online storage in addition to wired and WiFi networks.
Learn More about How to Secure Devices with JumpCloud
For more information on implementing RADIUS-as-a-Service, consider watching the webinar below to learn how to setup RADIUS in a new office in a matter of minutes. We hope you’ll reach out to us if you’re interesting in learning more about how Directory-as-a-Service® can help you secure devices in response to cyber attacks like KRACK. Interested in testing cloud RADIUS? Considering signing up for a free account. All of our features are available and your first ten users are free forever.