A vulnerability has been discovered in the protection of wireless networks (WiFi/WLAN). The vulnerability concerns the WPA2 encryption which is used for the encryption of almost all wireless networks. The vulnerability found in the handshake of the WPA2 protocol makes it possible to break the encryption of a wireless network, thereby allowing the spying of data communications in the network. The spy can access all non-encrypted data sent over the hacked network. Passwords, credit card information and personal information are some of the primary targets of hackers. The vulnerability concerns all devices using wireless networks regardless of the operating system and the device manufacturer. The vulnerability does not concern the encryption of mobile data in mobile phone connections.
This is a worldwide problem caused by an error in the WPA2 encryption. WPA2 encryption is used in the university’s wireless networks as well. The university devices are not at any particular risk, but you should always pay attention to information security.
Update your devices at regular intervals
System suppliers distribute updates that will fix the vulnerability in your device’s WPA2 encryption. If you are using a laptop included in centralised administration, remember to connect it to the university network regularly, using either a network cable or the Pulse Secure VPN connection. If the laptop does not connect to the university network, it does not receive any updates.
Use the VPN connection in the wireless network
Always use the VPN connection when using wireless connections. The university’s VPN connection protects all network communications from your device to the university’s server. Also use the VPN connection in the university’s own wireless networks. You can install the Pulse Secure VPN software also to your own devices. You’ll find it in Download Centre.
Instructions on how to use the VPN connection
Recognise a secure connection
When using an online bank, browser e-mail etc., ensure that sensitive information is sent in the network in a secure format. The connection is encrypted when the address bar of the browser starts with https. Some sites, such as online banking sites, also show a lock symbol in the address bar.
Home devices
- Update your home devices at regular intervals Allow the automatic installation of updates.
- Changing the password of the router does not fix this problem. Only updating the devices will help.
- The university’s Helpdesk cannot provide support in matters related to the use or updates of home devices.