Spark Media Advisory #2 re Krack vulnerability

Spark can confirm that our home broadband modems are not vulnerable to the “Krack” Wi-Fi security issue, which was publicised globally overnight. This is because the Krack vulnerability only applies to private Wi-Fi networks that involve multiple access points (modems) as well as a WiFi protocol that enables end users’ devices to seamlessly switch from one access point to another. Spark modems are single access points secured by their individual passwords. Spark’s own Wi-Fi phone box network, as is the case of most public Wi-Fi networks, is an open network which does not use the WPA or WPA2 security standards that may be open to the Krack vulnerability. Therefore, the performance of the Spark WiFi network has also not been impacted by this latest security vulnerability. We continue to advise customers to take care, as always, when using any public Wi-Fi network including Spark Wi-Fi. As the Krack vulnerability affects both WiFi access points and end devices, and is relevant to every end device globally that can connect to Wi-Fi networks (e.g. smartphones, tablets, PCs and laptops, other Wi-Fi enabled devices). This includes devices sold by Spark as well as devices our customers have purchased separately and that are WiFi enabled. Spark is liaising with all its device manufacturers as a matter of urgency to understand when they will have patches available for their devices and the process for installing those patches on devices. For the majority of devices, this is likely to occur via a remote software upgrade that occurs over the internet. We encourage all our customers to enable automatic upgrades on their devices and/or action any prompts they receive to install software upgrades. We remain unware of any Spark customers who have been compromised by the vulnerability to date.