Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.
Issue link: http://sdi.epubxp.com/i/941796
30 Security Dealer & Integrator / www.SecurityInfoWatch.com February 2018 G ood business these days is all about providing valuable services that make a customer's life more convenient, safe and secure. at also means trying to help customers on the cybersecurity front, so their informa- tion, video streams or other system data is not compromised. Unfortunately, that is getting harder to do in today's reality, where new threats are emerging almost daily and you have to know how to try to actively prevent, detect and monitor these types of activities. is applies to your customers as well as your own business. Customers look to systems inte- grators as their hired expert advi- sors, relying on them to make design and product recommendations that © Istock According to Vanhoef 's report, the flaw – which affected millions if not billions of devices – may enable an attacker to deploy a method that enables them to read information previously assumed to be encrypted during wireless transmission. e technique involves "tricking" devices to reinstall an already in-use encryp- tion key, resulting in allowing traffic to be intercepted and decrypted. Unlike many vulnerabilities dis- covered in the past, KRACK does not just affect a specific manufacturer or product – the weakness is in the Wi-Fi standard itself, and therefore most devices that support WPA2 are at risk. e result may potentially be the the of sensitive data being transmitted over the wireless network. Devices in danger include Wi-Fi routers, smart- phones, thermostats, security cameras, Cybersecurity A KRACK in the Wireless Armor A closer look at the newest threat to your customer's networks, along with strategies to deal with a seemingly constant onslaught of cyber risks By Rob Simopoulos are the best fit for their organization. So, what should an integrator do if the product itself has a defect; or potentially worse, a security vulnera- bility or "back door" to gain access? Case in point: It has been four months since the KRACK wireless vul- nerability discovery was made public in Oct. 2017, yet there are still devices currently deployed and in operation which have not been updated to address this threat. Inside the KRACK KRACK, short for "Key Reinstalla- tion Attacks," is a weakness discovered by Mathy Vanhoef – a postdoctoral researcher with the iMinds-DistriNet Research Group, KU Leuven University, Leuven, Belgium – in the Wi-Fi net- work security standard WiFi Protected Access 2 (WPA2).