Digital Technology Partners has long recommended against the use of Wi-Fi for accessing PHI or other sensitive information on your network—by its very nature, Wi-Fi is less secure than a wired connection, and even if a password is used to join the network, a motivated attacker could find a way to listen to your traffic.
This guideline has become even more important in light of the latest advisory released by US-CERT. Dubbed KRACK, or Key Reinstallation Attack, this vulnerability affects the most common implementation of Wi-Fi security, and could allow an attacker to eavesdrop on established wireless connections, or even pretend to be a known computer and launch an attack on your network. This is a critical vulnerability and should be treated as such.
If your access point is managed by Digital Technology Partners, we will be updating the firmware as it becomes available to mitigate the disclosed attack vectors; client devices such as phones, tablets, and laptops should also be updated, as this is primarily a client-side attack. However, even with an updated access point and device, care should be taken to minimize the use of Wi-Fi to access PHI. We recognize that it is sometimes unavoidable, such as when a tablet is being used to view images, but desktops and laptops should always be wired if they are going to access your network, and if you use a wireless device outside of your office, PHI should not be accessed from it without appropriate safeguards in place to mitigate the risk of attacks such as KRACK.
Basic network security practices can also help reduce the risk of leaking sensitive information due to this attack or any other. These practices include: only using HTTPS for sites such as banks and email providers; using an up-to-date, standards-compliant browser such as Safari, Chrome, or Firefox; not connecting to open Wi-Fi; ensuring that all of your devices have up-to-date software; and using two-factor authentication on all sites that support it. With these steps, even if the KRACK vulnerability is exploited on a network you’re connected to, your attack surface is greatly reduced.
If you would like to learn more about how this vulnerability could affect your practice, or if you have other questions regarding your network security, please reach out to our help desk. We will be more than happy to walk you through specific implementations, as well as to address any concerns. We are available Monday through Friday, from 8 to 5 Eastern, and can be reached at (770) 918-0075.