Security Alert: KRACK Cyber Bug

October 19, 2017

A cyber bug known as KRACK (key reinstallation attacks) is affecting almost all Wi-Fi Protected Access II (WPA2) networks putting most wireless devices, including computers, phones, tablets, and routers at risk of attack.

You are NOT at risk by continuing to use campus encrypted networks and services (eduroam, ResWiFi, VPN).

The weakness in the Wi-Fi protocol allows attackers within range of vulnerable devices or access points to intercept passwords, credit card numbers, emails, chat messages, photos, and other data presumed to be encrypted, and in some cases, to inject ransomware or other malicious content into a website you are visiting. Thankfully, there are no reports of this being an active attack yet.

The ITS Security Team has the ability to detect this vulnerability and they are working with vendors to develop a monitoring solution. The software that provides a fix, will be available and installed on our campus wireless access points soon. Laptop and portable device manufacturers will also be providing you with updates to patch your systems.

Here are some important reminders to better protect yourself:

  • Whenever off campus, use known, encrypted networks, such as Campus Virtual Private Network (VPN), which is available to UCSC students, researchers, faculty, and staff. https://its.ucsc.edu/vpn/installation.html
  • Whenever on campus, use UCSC’s eduroam wireless service or ResWiFi (available only in resident halls) as opposed to unencrypted networks such as CruzNet. https://its.ucsc.edu/wireless/
  • Limit your use of public "free" Wi-Fi networks.
  • Make sure all your devices are regularly patched and updated, and you should also update the firmware of your home or residential router. After updating your router, you can optionally change the Wi-Fi password as an extra precaution.
  • Make sure you connect to websites that are secured with https:// (not http://) and you do not get an error stating, ‘Your connection is not private’ as this could indicate a forged or malicious site. By connecting to websites (including campus web applications) with https://, you are helping to protect yourself from this kind of attack.
  • Set devices to "ask" before joining new wireless networks. Periodically go through your device's list of known wireless networks and delete entries no longer needed (usually found under network, wireless, or airport settings).
More information about this attack can be found here: https://www.krackattacks.com/

For questions or concerns, please submit an IT Request ticket at http://itrequest.ucsc.edu, or contact the ITS Support Center by email help@ucsc.edu, telephone 459-HELP(4357), or in-person Kerr Hall Room 54.