You surely use WiFi in your day to day life. Have you thought of the sensitive information that you transfer all the time over a WiFi network? Bank passwords, personal images and passwords are all available to third persons if your WiFi is not secured.
According to Kaspersky Security Network (KSN) study, almost 30% of WiFi networks have little to no encryption. This means that your data is easily available to hackers. Korea, US and France were among the top 15 WiFi unsecured countries in the study.
How is Public WiFi Used by Hackers?
Browsing internet through public WiFi is not safe by any means. In 2015 itself, 594 million people were victims of cybercrime and 12% of Americans had their financial data stolen after shopping online.
The threats and costs are even more for businesses. 32% of US organizations were victim of cybercrime in 2016. The average cost of a data breach to a business is around $ 3.8 million.
There are many ways hackers can use WiFi technology to steal your data, money or identity. Here are the two most common ways.
Man-in-the-Middle Attack
When data transfer over a network is unsecure and unencrypted, a third person can easily intercept it. So, data exchanged between the websites and you can be stolen by exploiting the weak network security. This is known as the Man-in-the-Middle strategy.
To avoid this you must only connect to networks with strong security settings. Any public network that does not have a password is susceptible to such kind of attacks. This strategy is also used for private networks by hackers who are within the range of WiFi.
Rogue Hotspots
Anyone can set up a WiFi to mislead users. For example a hacker could set up a hotspot with the name ‘Starbucks’ in a Starbucks cafe. This would be different from the cafe’s real WiFi but the name could easily confuse a user.
Once the victim is connected to the rogue WiFi, the hacker can see all the data transferred over the network and even infect connected device with malware and ransomware.
Hence it’s advisable to be sure of the WiFi you are connecting to and avoid using public WiFi if possible. Only connect to networks of businesses and persons you trust and make sure that it is not a hacker with the name of a trusted business.
How to Secure WiFi Network
Here are some ways to secure your WiFi network form hackers and data thieves. This will work on both your home WiFi and office WiFi.
1. Have a WPA 2
When data packets are sent over a wireless medium they can be easily intercepted. For this reason, WiFi network have always had encryption of data send over radio waves. The earliest protocol was WEP, which used the same encryption key for each data package. A hacker could easily crack this code in a few minutes.
Starting from 2006 next level security called WPA was started. This used scrambling of encryption key to improve security. The encryption method was further strengthened in WPA2 protocol. This is the latest and best security level available for WiFi. It is not so easy for hackers to break the code transferred under WPA2 protocol.
Needless to say you should ensure that your router has WPA2 level security and AES encryption. All routers manufactured after 2006 have WPA2 enabled by default.
2. Enable Enterprise Mode WiFi Security
The enterprise mode of WiFI Protected Access uses 802.1X authentication for stronger security.
802.1X authentication is a standard protocol for port based network Access Control. It authenticates devices that connect with a server. Connection is established only after device identity is verified and hence it keeps the network safe of third person connecting in.
The architecture includes three parts – a wireless supplicant (connecting device), access device and authentication server. The network is made secure through the communication and exchanges between these three. This rules out Man-In- The-Middle attacks mentioned above. You can configure 802.1X authentication from properties under network adapter in your Desktop/ PC.
3. Secure Password and SSID
Breaking into your WiFi is very easy if the password to your WiFi is known. Hackers have software and tools that run common passwords while trying to break into your network. Easily guessed and default passwords are hence a soft target for them.
Similarly, your wireless network name (SSID) should not be common like ‘‘D-Link’ or your family name. This is because SSID forms a part of your network encryption and hacker tools come loaded with default and common SSID names.
You can change your password & SSID by logging into your router settings by typing “192.168.1.1” in your browser. This may be different for different companies and you should check the router manual for this.
4. Add Device MAC Address
All devices have something known as a MAC address that you can add to your router’s settings. This will allow only the specified devices to connect to your WiFi. Although it’s possible to make a spoof MAC address by a hacker, it still adds a layer of security because it’s one more thing that the hacker has to know.
Final Thoughts
There are many ways that hackers can break into a WiFI network. Just like the cyber-security, hackers are also constantly updating their technology continuously.
As of now, the enterprise setting with WPA2 protocol and 802.1X authentication is a safe method. Take additional steps of setting up a strong password and unique SSID name and you are well protected from unwanted data thieves.
Do remember to update your knowledge from time to time and install new firmware on your router to stay secured.