KRACK attack takeaways

Featured image

Share this article

KRACK Attack - What to do about it - Paubox
Composing my thoughts at SFO airport

Ten days ago, it was announced that a serious weaknesses in WPA2 had been discovered. WPA2 is the protocol that secures all modern protected Wi-Fi networks. An attacker within physical range of a victim’s wifi network can exploit these weaknesses using key reinstallation attacks, or KRACK.

It should be noted that the discovered weaknesses are in the Wi-Fi standard itself, not in individual products.

Am I affected by KRACK?

KRACK is applicable to smartphones, laptops, tablets, and IoT devices. Vendors are still developing patches for KRACK.

ZDNet has a thorough listing of the patch status for large vendors.

KRACK Takeaways

  • There are no confirmed reports of KRACK being actively used (yet).
  • An attacker must be physically near a wifi network to deploy KRACK. In other words, attackers in foreign countries cannot use KRACK from afar.
  • HTTPS web connections are still encrypted and safe. The same goes for email connections via TLS.
  • Paubox is not affected by KRACK.
  • Android phones and tablets are the most vulnerable to KRACK.

Seamless Encryption by Default

KRACK Attack Takeaways - Paubox
San Francisco to Los Angeles

The KRACK vulnerability points out the inherent weakness in using non-encrypted connections for email and web browsing.

It also validates our approach at Paubox: We designed our products from day one to employ a term we call seamless encryption.

In a nutshell, seamless encryption is about providing the expected benefit without requiring the end user to change their behavior. In this case, the expected benefit for our customers is HIPAA compliant email.

We believe our approach is sound and represents the eventual maturation of the internet.

SEE ALSO: KRACK Attack – What to Communicate

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Hoala Greevy

Founder of Paubox. Kayak fishing when I can. Native Hawaiian CEO.

Read more by Hoala Greevy

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022