Just recently, the KRACK (Key Reinstallation AttaCK) Wi-Fi vulnerability was publicized. You might be wondering what it is and how it affects the security of your Campbell Scientific devices and data.
The KRACK vulnerability exists in the WPA2 (Wi-Fi Protected Access II) security standard used on practically all Wi-Fi devices. The Campbell Scientific NL241 Wireless Network Link Interface, as well as the integrated Wi-Fi options for the CR300-series dataloggers and the CR6-series dataloggers, use WPA2 security. To permanently fix the vulnerability, two things need to happen:
We have a solution available for the CR6-WIFI datalogger. Please read the "CR6-WiFi Daughter Board OS Update Procedure to Resolve the KRACK Vulnerability" application note.
We also have a solution available for the CR300 and CR310 dataloggers. Please read the "CR300-Series-WiFi Daughter Board OS Update Procedure to Resolve the KRACK Vulnerability" application note.
We are working with our supplier of Wi-Fi transmitters to provide a solution for the NL241.
It is important to note that for a Wi-Fi network to be compromised, a hacker must be within the signal range of the network. Remote networks are extremely unlikely to be the target of such an attack.
Until a patch is available, if you are concerned about security, you can use the security options on your Campbell Scientific data logger for additional layers of protection. The Wi-Fi vulnerability allows decryption of the IP communication packets. If you use a PakBus Encryption Key, a hacker would not be able to decipher your data even if the Wi-Fi communication was compromised. We also recommend setting a .csipassword if the HTTP interface of the data logger is enabled.
For more information about security options on Campbell Scientific data loggers, please refer to the “4 Ways to Make Your Data More Secure” blog article.
If you have any questions after reviewing both articles, please post them below.