NCSC statement on research into potential weaknesses in global Wi-Fi systems

Created:  16 Oct 2017
Updated:  16 Oct 2017
An official statement from the National Cyber Security Centre (NCSC) on research into potential weaknesses in global Wi-Fi systems, including links to related advice and guidance.

A spokesperson for the National Cyber Security Centre said:

“It is absolutely vital that Wi-Fi networks are safe and secure, and the National Cyber Security Centre is committed to making the UK the safest place to live and work online.

“Research has been published today (October 16th) into potential global weaknesses to Wi-Fi systems. The attacker would have to be physically close to the target and the potential weaknesses would not compromise connections to secure websites, such as banking services or online shopping.

“We are examining the research and will be providing guidance if required. Internet security is a key NCSC priority and we continuously update our advice on issues such as Wi-Fi safety, device management and browser security.”

Further information

  • NCSC guidance on end user device security to home users and businesses can be seen here. It states risks associated with using Wi-Fi which must be considered and accepted before its use is permitted.
  • Our guidance is a crucial part of ensuring that the UK has the capacity to manage the increasing cyber threat. We provide advice, not standards or policy. And because our guidance is advisory in nature, it provides a sound basis for users to make their own informed decisions.
  • The NCSC’s 10 Steps to Cyber Security outlines the basic cyber security procedures to protect your organisation from cyber attacks, while Cyber Essentials allows organisations to advertise that they meet a government endorsed standard of cyber hygiene.
  • The potential weaknesses in global Wi-Fi systems have been outlined by researchers in computer security from the University of Leuven. They have given the weakness the codename Krack.
  • As well as not compromising connections to secure websites, the potential weaknesses would not compromise connections to secure enterprise VPNs.

Topics

Was this information helpful?

We need your feedback to improve this content.

Yes No