THE KRACK ATTACK

WHAT IS THE KRACK ATTACK?

 
 KRACK is short for (Key Reinstallation Attack)

 WPA-2
The attack uses vulnerabilities in the current
 protocol that governs Wi-Fi technology

Threat level : Pretty bad – All
Wi-Fi routers
everywhere are vulnerable
A LITTLE ABOUT WPA-2 ENCYRPTION
 
 WPA -2 (Wi-Fi Protected Access)

 Used 
to convey information from laptop to Wi-Fi
router discreetly.
 
 Encrypting module of WPA-2 is AES
 
AES (Advanced Encryption Standard)
 AES – HOW DOES IT WORK?
 
Both user and router have a chain of passphrases
 
 These Passphrases are a shared secret.

Both users and router need to be on the same
passphrase in the chain for the information to
transfer successfully.

User takes the information it wants to send over
 the waves
by using the ciphering it using the passphrase.

The router decrypts the information with the same
 and sends the information over to the
passphrase
internet
HOW DOES KRACK CRACK
 The attacker poses as a Wi-Fi router and sends a
“can’t hear you, could you repeat that
 again” message, over and over again.

 are able to decipher the passphrase of that
Until they
 packet.

A continued 
attack can expose the entire chain of
 passphrases

That can expose all the
 information the user is
sending to the Wi-Fi
WHAT DOES THE ATTACKER GET?

If the entireattack is successful – The attacker gets
everything
 
 Credit Cards
 
 Bank Detail
 
 Personal Information
 
 Photographs
 
 Email addresses

Any sensitive information that could lead to
Identity theft
HOW TO DEFEND YOURSELF?
 
 Update your softwares!
 th
Google plans
 to distribute the patch on the 6 of
 November
 
 Newer Android devices need that update
 
 Older Androids might not get the update
 
 Apple says their devices are safer
 
 Windows has already made the patch available
 
Use Ethernet cables instead of Wi-Fi for a while.
CONTACT US…

Website: www.Siconsult.com
Email: sale@siconsult.com
Phone: +44 (0)20 332 70699