The WiFi threat is real
One of the most common threats to a computer user’s security is something that has been widely adopted by businesses and home users alike. Wireless internet connections, also known as Wi-Fi, has made connecting you computing devices to the internet easier in a wide range of locations. The same technology that allows you to connect your smart phone, laptop, network, iPad, quickly to the internet connection at your local coffee shop, fast food restaurant, or hotel is the same technology that allows “Hackers” to access data on the systems connected to that Wi-Fi access point. The easiest way for a potential “Hacker” to access your computer or data is to connect to any number of open Wi-Fi networks. Without any hacking tools, you can open the “network” icon on “my computer” in your Windows-based computer and actually browse files on other users systems if they have “file sharing and printing” enabled on their personal computer. A free plug in for the popular browser Firefox by Mozilla allows for packet sniffing on computers connected to an unencrypted Wi-Fi network. Using Firesheep, you are able to use the accounts of other people on the network for social networking , webmail, and even banking sites by using what is called “sidejacking” .
All the threats you have at a public hot spot still exist in the home and office environment. When you add your hardwired systems in addition to your Wi-Fi only systems to your open wireless router, it becomes a literally treasure trove of potential data. Properly configuring you wireless access point to allow for maximum security involves several easy but often overlooked steps. The very first step you should do is to change the default administrator username and password for the access point. These usernames and passwords are well known by the “Hacker” community and they will use them to gain access to your wireless network and change your access point’s settings. The second step is to set up Media Access Control (MAC) address filtering. A MAC address is a unique alphanumeric series of numbers assigned to each network card. Enabling MAC filtering provides a layer of protection by only allowing network cards with a preapproved MAC address connect to your access point. You next step is setting a non-default service set identifier or SSID and setting it not to broadcast. Just like the default administrator username and password, these SSID’s are well-known and should be changed immediately. Setting the SSID broadcast to off prevents the passive “Hacker” from even noticing you have an active wireless network. Finally, setting a Wi-Fi Protected Access II or WPA2 level of encryption password for your connection is an absolute must. The older encryption model of Wired Equivalent Privacy or WEP is easily broken using utilities widely available in fewer than five minutes. While a dedicated “Hacker” can easily defeats any one of these, this kind of defense in-depth will prevent you from becoming low hanging fruit for “Hackers”.
“Hackers” routinely scan for open Wi-Fi networks in an activity known as WAR driving and post their results to websites like http://www.wigle.net . Websites like Wigle allows you to type in a street address and then see on a map the locations of all the wireless access points in that area and if they are open or secured, and if secured a cracked password if available. If a “Hacker” is able to penetrate your Wi-Fi network, they can attempt to access your computers to steal your banking, personal, or corporate information, which they can then use to commit identity theft or sell on the black market. Once on your network they can also use your internet connection to download illegally digital media like music and movies, which can cause your internet service provider to shut off you internet service or even allow for possible legal action from copyright holders. Further, they could use your internet connection to participate in other illegal activities like child pornography. A computer user can easily mitigate all of these possible compromises by judiciously using open Wi-Fi networks with proper security settings and locking down your personal or corporate wireless networks.
