Home / News / Jeanette Manfra: DHS Shares Info on Wireless Network Vulnerability

Jeanette Manfra: DHS Shares Info on Wireless Network Vulnerability

The Department of Homeland Security has publicly shared information about a newly-discovered vulnerability in the Wi-Fi Protected Access II protocol that works to help protect almost all wireless network traffic, DHS’ Jeanette Manfra wrote in an article published Tuesday.

Manfra, assistant secretary for cybersecurity and communications at DHS, said that the Software Engineering Institute’s CERT Division alerted DHS on the WPA2 exploit technique dubbed Key Reinstallation Attack, or KRACK.

She added that KRACK could likely affect any standards-compliant implementation of WPA2 since the vulnerabilities are in the 802.11i protocol.

Threat actors can use KRACK to exploit Wi-Fi networks within range and view network traffic that WPA2 encryption is expected to protect, according to Manfra.

She noted that attackers could also access user information such as emails, chat messages, pictures, credit card numbers and passwords if additional security measures like HTTPS are not implemented.

Following the publication of CERT report, DHS’ US-Computer Emergency Readiness Team released a public alert in an effort to provide information on KRACK to a wide audience.

DHS also sent a directive to all federal departments and agencies that requires the use of cybersecurity best practices to secure websites and email messages.

The department worked with the FBI to issue a joint technical alert on advanced persistent threats against critical infrastructure, especially the energy sector.

Check Also

DoD: China Acquiring Tech for Military Modernization Through Legal and Illicit Means

The Defense Department said in a recent report that the Chinese government has been pursuing its military modernization goals through legal and illicit means, procuring foreign technology through legal means but also engaging in clandestine operations to gain access to regulated or export-restricted material, the DoD stated in its report to Congress.

Leave a Reply

Your email address will not be published. Required fields are marked *