How People Are Hacking Wireless Networks & How To Protect Yourself
by Matt Smith on Aug. 20th, 2010
You’ve set up your wireless network. You’ve been good, too – you gave your router a unique ID that won’t be easily mixed up with other wireless routers and you have secured the network with a password so not just any passer-by can piggyback off your network as a means of downloading South Park episodes. You don’t have to worry about hackers now, right?
Well, not so fast. Although you’ve taken the basic steps required you still need to be aware of some hacking methods that can be used to gain access to your network despite the safeguards you have in place. You also need to be very wary whenever you are using a wireless network that is not your own.
Let’s take a look at the techniques hackers use when hacking wireless networks and what you can do about it.
The simplest of all attacks, sniffing is the simple process of intercepting wireless data that is being broadcasted on an unsecured network. If you are at home, and your network is secured, you don’t have to worry too much about sniffing attacks. However, most networks that are in the wild are not secured, including many of them at hotels and coffee shops.
It is easy to take a “It won’t happen to me” attitude, particularly when you’re using the free WiFi at a favorite coffee haunt. Here’s the thing – the sniffer may not be one of your coffee sipping cohorts. Sniffers can just as easily be somewhere outside of the shop, merrily picking information off the airwaves. There is even an activity known as Wardriving that involves driving around a city picking up wireless data.
Google was recently busted for this activity when it was revealed that some of their Google Maps vehicles had also been picking up data from unsecured wireless networks as passed by. Google claimed it was accidental and that they meant no harm. Most Wardrivers also claim to be benevolent, often stating that they’re only trying to map out wireless networks. Still, it is easy to see how a malicious person could use this technique to try and steal sensitive data.
Full protection can only come from not using unsecured wireless networks. That may not be practical however, so your second best defense is to be careful about what information you send on an unsecured network. Before entering any information, be it a password or a comment on a blog, ask yourself – would I care if a stranger obtained this information?
If you’ve set up a wireless network you’ve probably noticed that your computers no longer need to be told to access your network. Instead they access it automatically as soon as they move within signal range.
This is a very convenient feature, but it is also prone to exploitation. Hackers often attack a wireless network by simply creating a new network with a stronger wireless signal and a copied SSID in the same area as a legitimate network. This causes unsuspecting computers to automatically connect to the spoofed network instead of the real one.
Setting up your computer’s security settings so that it does not automatically connect to networks is the best way to counter-act this threat. You can also try to protect your home network by using a free network mapping tool like Spiceworks. A sudden change in your network map is a sign your wireless network may is being hit by a spoofing attack.
In a perfect world, you could set up your wireless network with an encryption key and be protected for life, but the real world simply doesn’t work that way. As encryption keys become more advanced hackers also increase their skills and develop new tools for penetrating even well protected wireless networks.
There are numerous ways to crack a wireless network’s encryption, but even simplistic methods can work. The website WPA Cracker, for example, can be used to hit a network with a brute force dictionary attack that simply throws random words at a secured wireless network to try and crack it. This method can take a long time, and sometimes requires luck on the hacker’s part, but it is often effective.
The first step in protecting yourself people hacking wireless networks is to use WPA encryption. WEP, the older encryption technology, has been completely de-constructed by hackers and is now considered quite easy to crack. The second step is the use of a long, highly randomized encryption key. Long, random encryption keys are a pain in the butt to remember, but they’re much harder to crack.
These are the three most common methods of hacking a wireless network, but they’re not the only ones. New exploits are found constantly, making it difficult to ever ensure that you are 100% protected.
That’s the bad news. The good news is that, unless you happen to be a corporate CEO or a senator, you’re unlikely to ever be targeted by a cutting-edge attack. Most attacks are tried-and-true methods that rely on the target’s negligence rather than the hacker’s advanced knowledge. Simple steps – such as making sure your encryption key is long and highly randomized and never accessing system websites over wireless while in the wild – will protect you from most threats.