Today CERT released an alert about vulnerabilities, which have been discovered in the protocols currently used to support WiFi. This has the ability to impact all devices that connect to a WiFi network and requires immediate action.

The threat, referred to as KRACK – a Key Reinstallation Attack –  allows an attacker to decrypt the data a network user transmits through WiFi. This may allow an attacker to intercept login credentials, cookies and other sensitive information being transmitted across the network.  

Advice to schools:

  1. Ensure all devices are patched with security updates and that automatic updates are enabled.
  2. Ensure that login credentials and passwords are only transmitted via secure https (Hypertext Transfer Protocol Secure) websites – visible in the top left of the URL search bar.

For more information: