Skip to content

Tips on using wireless networks safely

Avatar

by Sarah Orrill

14/10/10 in Identity Fraud/Theft |

Our recent research into Wi-jacking highlights just how easily a hacker can access your personal details to commit identity fraud. Stay safe from wi-jackingUsing only a laptop and widely available software, our ethical hacker demonstrated how vulnerable we are to Wi-jacking because of non-existent or inadequate online security.

Having gained access to your personal details hackers can ‘cloak’ criminal activities such as purchasing illegal pornography or selling on stolen goods. It also allows them to view your private transactions over the network, accessing passwords and usernames which can then be used to impersonate you and commit identity fraud and other illegal activity in your name.

Key findings from the report

  • We found that nearly a quarter of private wireless networks has no password whatsoever attached, making them immediately accessible to criminals
  • Hackers were able to ‘harvest’ usernames and passwords from unsuspecting people using public networks at a rate of more than 350 an hour, sitting in town-centre coffee shops and restaurants.
  • More than 200 people unsuspectingly logged onto a fake Wi-Fi network over the course of an hour, putting themselves at risk from fraudsters who could harvest their personal and financial information.

Steps and ways to protect yourself

In light of the above risks highlighted by our research we’ve put together some tips to help prevent you from becoming a victim of wi-jacking:

1.    Use encryption on your wireless access points (WAP) - Make sure you have Wi-Fi Protected Access 2 (WPA2) - the latest security standard introduced by global, non-profit industry association, the Wi-Fi Alliance. You can select products that use this method by looking for “Wi-Fi WPA2” in their specifications. WPA2 can operate in two modes, personal mode and enterprise mode.

a.    Personal mode – a pre-shared password or pass phrase used for authentication. This is a simple approach that ensures a computer can only get access to the WLAN if the password matches the access point’s password.

b.    Enterprise mode – a more sophisticated method that is better suited to larger organisations needing stronger protection.

2.    By implementing a Virtual Private Network (VPN) you can create a secure wireless network.  This is achieved by encrypting all of the data that passes over the ‘insecure’ network so that it cannot be accessed by an eavesdropper.

3.    Install a firewall (an electronic barrier that sits on a network server and protects the PCs hidden behind). You can use a firewall in a network to separate an insecure part of the network from the secure area where your most critical data is managed. Businesses that have an existing Internet connection will probably have a firewall already in place, but you should not assume that this would provide protection for your WLAN.

4.    All wireless routers should have obscure IDs when they announce themselves to the world. Rather than put in any real information that can make it clear who owns the router or that can reveal your location or business name, use something common like “wireless” or “router 1” that doesn’t give away anything critical.

5.    Try to position access points, which transfer data between your devices, away from the outside wall of your building to minimise leakage of radio signals. This limits the chances of interception from outside.

6.    Don’t allow employees to add access points without management authorisation. One insecure access point could compromise your entire network

So to conclude, by understanding what the risks are and following these tips you’ll be in a much better position to stay safe and protect yourself from Wi-jacking.

Be the first to comment

    • By registering your comment here you are agreeing to the CPP Blog code of conduct.

  • *All fields are required

In this section

Latest Articles

Popular Articles