Fighting KRACK

Last week the key reinstallation attacks vulnerability, called “KRACK” for short was publicized.

When we heard the name of this vulnerability we could not help “butt” chuckle, no bun intended, and thought of this image. Butt, in all seriousness (OK, I’ll stop now), KRACK is a significant vulnerability that people need to take seriously, pay attention to, and patch to address as soon as possible.

KRACK exposes vulnerabilities in the Wi-Fi Protected Access II (WPA2) implementations on most, if not all, wireless networking devices that use the protocol. With KRACK, attackers can bypass WPA2 network security, exposing passwords, credit card numbers, messages, calls and other information.

We are happy to report that TrustCall is not susceptible to KRACK. TrustCall calls and messages are encrypted end-to-end, and do not rely on WPA2. Whether or not one’s network was affected TrustCall communications are always encrypted.

Even so, please patch your Wi-Fi networks ASAP.

Elad Yoran

Elad Yoran is Executive Chairman of KoolSpan, CEO of Security Growth Partners (SGP) and Associate Adjunct Professor at Columbia University School of International and Public Affairs (SIPA). He is a 20+ year cybersecurity executive and entrepreneur, among other things having founded and led many foundational cyber companies. He serves as director at Infinidat as well as on several government and industry boards including the Army Cyber Institute, the Cloud Security Alliance, and previously, the FBI IT Advisory Council. Elad is the author of many articles going back to the original Internet Security Threat Report research papers. Elad’s cybersecurity entrepreneurial experience, for which he was honored as “Entrepreneur of the Year” by E&Y, includes Riptech, acquired by Symantec; MediaSentry, acquired by SafeNet; Sentrigo, acquired by McAfee; Vaultive, acquired by CyberArk and others. Previously, Elad served as VP Global Business Development at Symantec. In addition, Elad was a strategic investor and director/advisor to Red Owl Analytics, acquired by Forcepoint; NetWitness, acquired by RSA; ThreatGrid, acquired by Cisco; and Insightix, acquired by McAfee. Previously, Elad served as a US Army officer and is a veteran of Operation Restore Hope in Mogadishu, Somalia. He is a graduate of the Wharton School and West Point.