You grew up with the knowledge of how an anti-virus software protects your computer.
When you started using social media, you learned it’s not wise to accept friend requests from unknown people.
As you immersed in the digital age, you started doing well in terms of keeping yourself, your data, and your devices safe from hackers. Creating strong passwords, not opening suspicious email attachments and ignoring unknown Skype requests are some actions that made you proud.
You’ve done well, but there is still an essential weakness that hackers can exploit to gain access to your credentials and steal your sensitive information. It’s related to something that’s a major part of your digital life – your Wi-Fi connection.
Unprotected Wi-Fi is the easiest route hackers can take to leech your information, gain access to your home network, and cause you headaches with more adverse behavior.
Why Secure Your Wi-Fi?
Before learning how to protect your Wi-Fi network, you need to educate yourself about why it should be protected. Home Wi-Fi networks face several risks, a major one being DNS hijacking. This is when a malware sneaks into your unsecured router and redirects you to a clone website of a real site, such as a fake banking login page that looks like the original webpage of your bank’s site. After you log in, hackers capture your credentials and use them to login to the real website.
Then there is another vulnerability associated with the WPS (Wi-Fi Protected Setup) standard that’s present in a majority of wireless routers. It potentially enables anyone to gain access to Wi-Fi networks via wireless routers supporting WPS and is using WPA2 or WPA security. However, WPS has PINs which are vulnerable to brute force attacks.
Also, attackers focus on exploiting Wi-Fi endpoints. Exploits of varying natures can be utilized to break through buggy Wi-Fi drivers, from high-privilege kernel environment to execute arbitrary actions. Metasploit and other automated tools allow adversaries to launch exploit attacks and buffer overflows with minimal effort.
How can you safeguard your Wi-Fi?
Now that you’ve an idea of why you need to secure your Wi-Fi network, here are 6 measures you can take to protect it from sophisticated cyber criminals:
- Deactivate WPS: If your Wi-Fi is supporting WPS, deactivate it. WPS PIN is the 8-digit number on the label of WPS-supported devices. As attackers can crack the PIN code of WPS-enabled devices to capture your passphrase, it is best to disable the option to prevent brute force attacks. Depending on vendor implementation, you have the option to keep WPS deactivated till you discontinue use.
- Disallow guest admin access: You may not have the resources to keep a determined cyber criminal out, but you can make their job difficult. Disallowing guest admin access from external wireless networks will keep sophisticated hackers from wreaking havoc on your Wi-Fi router. Of course, all modifications to your personal router would have to be performed from a computer on your local area network.
- WPA2 encryption is your best bet: Even though you have the WEP encryption option for legacy reasons, it is best to avoid this option as it takes only a few minutes for a hacker to crack its defenses. WPA2, on the other hand, is better for security as it relies on the latest AES-based protocols. Every modern Wi-Fi supports it.
- Pay attention to physical security: Besides following the above-mentioned steps for securing your wireless network, you need to consider the physical security as well. Ensure the wireless router and APs are secured from guests, neighbors and other visitors. You could, for instance, place the hardware in a place where it’s difficult to reach, such as in a locked store room.
- Change SSID name: This is the name that identifies the router. The name of the router is used as the default SSID in many cases, and this presents a security risk and would assist the hacker in using sophisticated exploits. Change the SSID name, but don’t use a common name or your family name.
- Disable the network when not in use: One of the simplest ways to improve your Wi-Fi network security is to switch off the gear when it’s not being used. Wi-Fi wardrivers and hackers can’t target an offline network. You can switch off the Wi-Fi when going outside for even a couple of hours.
To conclude, the state of home Wi-Fi security has improved over the years; but end-to-end security can’t be assumed always. Attacks continue to emerge, so it’s essential to assess your network risk and take appropriate measures to secure Wi-Fi endpoints.