KRACK is short for (Key Reinstallation Attack) WPA-2 The attack uses vulnerabilities in the current protocol that governs Wi-Fi technology Threat level : Pretty bad – All Wi-Fi routers everywhere are vulnerable A LITTLE ABOUT WPA-2 ENCYRPTION WPA -2 (Wi-Fi Protected Access) Used to convey information from laptop to Wi-Fi router discreetly. Encrypting module of WPA-2 is AES AES (Advanced Encryption Standard) AES – HOW DOES IT WORK? Both user and router have a chain of passphrases These Passphrases are a shared secret. Both users and router need to be on the same passphrase in the chain for the information to transfer successfully. User takes the information it wants to send over the waves by using the ciphering it using the passphrase. The router decrypts the information with the same and sends the information over to the passphrase internet HOW DOES KRACK CRACK The attacker poses as a Wi-Fi router and sends a “can’t hear you, could you repeat that again” message, over and over again. are able to decipher the passphrase of that Until they packet. A continued attack can expose the entire chain of passphrases That can expose all the information the user is sending to the Wi-Fi WHAT DOES THE ATTACKER GET? If the entireattack is successful – The attacker gets everything Credit Cards Bank Detail Personal Information Photographs Email addresses Any sensitive information that could lead to Identity theft HOW TO DEFEND YOURSELF? Update your softwares! th Google plans to distribute the patch on the 6 of November Newer Android devices need that update Older Androids might not get the update Apple says their devices are safer Windows has already made the patch available Use Ethernet cables instead of Wi-Fi for a while. CONTACT US…