The National Cyber Security Centre (NCSC) is aware of reports of security vulnerabilities in Wi-Fi Protected Access II (WPA2), this has been labelled as ‘KRACK attack’.  

The NCSC provides services to government agencies, critical infrastructure providers and organisations of national significance, to assist them to defend against cyber-borne threats.

The NCSC recommends our customers refer to the following US CERT advisory:

https://www.us-cert.gov/ncas/current-activity/2017/10/16/CERTCC-Reports-WPA2-Vulnerabilities (external link)

Members of the public and other organisations wanting further information can refer to guidance on the CERT NZ website:

https://www.cert.govt.nz/businesses-and-individuals/recent-threats/krack-attack-security-vulnerabilities-affecting-wifi-enabled-devices (external link)