The bad guys now have free reign into my WiFi?
No.
Let me explain this as it pertains you, the typical medical office.
“Krack” as it is called, is a method of hacking into a WiFi system.
It is not easy to do.
The risk to a home or small business is low.
BUT – this does not mean ignore this.
The flaw is in how the WiFi security protocal WPA2 securely connects a wireless device to the router.
Windows and Apple users need to update their systems.
When this hack was announced, the Windows update that was released a week earlier fixed the flaw.
iOS11 fixes this flaw.
If you use Linux somehow, there is a fix coming.
If you use an Android phone, a fix is coming.
What Do I Do?
Here is what you need to do to minimize your risk:
- Make sure your Windows computers are up to date
- Make sure your Windows servers are up to date
- Update all Apple devices to iOS11
- If you use Linux, a fix is coming (or here) check with your Linux specialist
- If you use an Android phone, a fix is coming.
Just like your computers, your router needs its software updated from time to time.
The fix on the router side of things, for this specific flaw, will probably take longer.
But you still need to check your router regularly for firmware updates.
Still, do the following:
- Make sure your WiFi is set to WPA2 AES
- If your router only has WPA as the encryption option, replace it.
- Do these items at all locations and all homes from which users remote into the office
If you are on the cloud and are on a VPS, you are essentially safe from this issue, as it pertains to your EHR data transmission.
If you are shopping online, or your EHR uses a browser for access, make sure you see the HTTPS and green secure lock as shown below. You need to see this when you first login and keep watching for it.

So, to summarize (this is a do to list folks):
- Make sure your Windows computers are up to date
- Make sure your Windows servers are up to date
- Update all Apple devices to iOS11
- If you use Linux, a fix is coming (or here) check with your Linux specialist
- If you use an Android phone, a fix is coming (or here), update your phone software.
- Make sure your WiFi is set to WPA2 AES
- If your router only has WPA as the encryption option, replace it.
- Do these items at all locations and all homes from which users remote into the office
Want to join the discussion?
Feel free to contribute!