How Safe Are Your Campbell Scientific Devices from KRACK?

by Jacob Davis | Updated: 12/22/2017 | Comments: 0

Blog Topics

Search the Blog

Subscribe to the Blog

Get an email when a new article is posted. Choose the topics that interest you most.


Enter your email address:


Suggest an Article

Is there a topic you would like to learn more about? Let us know.

Leave this field empty

Encrypted padlock

Just recently, the KRACK (Key Reinstallation AttaCK) Wi-Fi vulnerability was publicized. You might be wondering what it is and how it affects the security of your Campbell Scientific devices and data.

The KRACK vulnerability exists in the WPA2 (Wi-Fi Protected Access II) security standard used on practically all Wi-Fi devices. The Campbell Scientific NL241 Wireless Network Link Interface, as well as the integrated Wi-Fi options for the CR300, CR310, and CR6 dataloggers, use WPA2 security. To permanently fix the vulnerability, two things need to happen:

  1. The WPA2 standard itself must be modified.
  2. Hardware manufacturers that use Wi-Fi technology need to distribute patched software.

We have a solution available for the CR6-WIFI datalogger. Please read the "CR6-WiFi Daughter Board OS Update Procedure to Resolve the KRACK Vulnerability" application note. 

We also have a solution available for the CR300 and CR310 dataloggers. Please read the "CR300-Series-WiFi Daughter Board OS Update Procedure to Resolve the KRACK Vulnerability" application note

We are working with our supplier of Wi-Fi transmitters to provide a solution for the NL241. 

It is important to note that for a Wi-Fi network to be compromised, a hacker must be within the signal range of the network. Remote networks are extremely unlikely to be the target of such an attack.

Until a patch is available, if you are concerned about security, you can use the security options on your Campbell Scientific data logger for additional layers of protection. The Wi-Fi vulnerability allows decryption of the IP communication packets. If you use a PakBus Encryption Key, a hacker would not be able to decipher your data even if the Wi-Fi communication was compromised. We also recommend setting a .csipassword if the HTTP interface of the data logger is enabled.

For more information about security options on Campbell Scientific data loggers, please refer to the “4 Ways to Make Your Data More Secure” blog article.

If you have any questions after reviewing both articles, please post them below.

Share This Article

About the Author

jacob davis Jacob Davis is the Director of Client Services and Support at Campbell Scientific, Inc. He works with the worldwide technical support teams. His specialties include serial communications and advanced data logger programming. Jacob has a master’s degree in hydrology and worked with large irrigation projects before coming to Campbell Scientific, Inc.

View all articles by this author.

Comments

Please log in or register to comment.