Director of VORAS Consulting, Paulius Petretis Writes About Wi-Fi KRACK Attack

Paulius Petretis, leading cyber security expert notifies his readers about the new released information about the KRACK making all Wi-Fi networks and hotspots open and vulnerable to criminal activity.

Vilnius, Lithuania – October 10, 2017 – Paulius Petretis, CEO of VORAS Consulting posted a new article on the company website entitled “ KRACK Disclosed In Wi-Fi Networks.” Mr. Petretis reveals the widespread and potentially devastating consequences of this latest cyber attack.

Petretis points out, “Those of us in the cyber security industry were recently alerted by the United States Computer Emergency Readiness Team (US-CERT) about an imminent attack on the integrity of Wi-Fi communications.” He continues adding, “The attack is one that makes all Wi-Fi networks vulnerable whether working on a private in-office network, at your favorite coffee shop or even in your own home. The announcement was made public just after midnight on October 16.”

“According to an article on ars technica,” says Petretis, “The proof-of-concept exploit is called KRACK, short for Key Reinstallation Attacks. The research has been a closely guarded secret for weeks….” https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/

Petretis, along with other experts is pulling his information from a variety of sources. From Forbes.com he shares the following from researcher Mathy Vanhoef, from Belgian university KU Leuven, “This (KRACK) can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.”

https://www.forbes.com/sites/thomasbrewster/2017/10/16/krack-attack-breaks-wifi-encryption/#3f74948e2ba9

According to Petretis, “The best advice for individuals is to keep your devices up to date. Until updates appear, consumers can still take steps to safeguard against KRACK. The easiest thing would be to simply use a wired ethernet connection, or stick to your cellular connection on a phone. That’s not always possible though.”

The entire article can be read here: https://voras-consulting.com/krack-disclosed-in-wi-fi-networks/

Paulius Petretis

Paulius Petretis is an Information security expert, Certified Information Systems Security Professional (CISSP®), Certified Information Security Manager (CISM®), Certified Information System Auditor (CISA®), Certified in the Governance of Enterprise IT(CGEIT®) and Certified in Risk and Information Systems Control (CRISC®), Guest speaker at various conferences and seminars, Trainer at information security related training courses.

According to the annual survey initiated by the Info Security Europe, a whopping 93% of large organizations and 76% of small businesses had at least a single information security breach in 2011. Only 18% of the organizations affected by the infringements related to data protection laws had a consistent and effective contingency plan in place. According to Paulius, information is not something static – it evolves and mutates every day. It is the ecosystem of every business and if a single cell fails, it can bring down the entire business.

Therefore ensuring a consistent and up-to-date information protection policy must be the priority for all businesses – no matter how big or small they are. As it might be unrealistic to believe that any young or experienced entrepreneur can be the jack of all trades, the really smart decision is to rely on specialists who dedicate their professional lives to getting to know everything there is to know about protecting important business information.

With more than 16 years of experience in helping people, small businesses, and government organizations to protect their business secrets, Paulius believes that information security must help businesses achieve goals but not vice versa.

###

Posted Under: Paulius Petretis