Wi-Fi has allowed us to break free from the bevy of cords plugged into our walls. It is at home, school, work, shopping and restaurants. Wi-Fi is so universal, if it did have a cord, we would probably trip over it. Here are a few things you should know about wireless technology to help keep you safe at home and while you are out-and-about.
It no longer takes a team of Network Engineers to set up a wireless network. Nowadays, wireless router setup is fairly quick and easy. Just plug a cable into the back of your internet router, run through the setup wizard, and presto, you are surfing the web from the convenience of anywhere in your house. While this setup is rather easy, you could be unknowingly leaving some significant security gaps in your network. One overlooked gap is the password to the administrator account. The administrator account is important because it is the account that manages your entire home network. RouterPasswords.com is a website for default administrator usernames and passwords. Simply select the type of router you have and you’ll find a list of models, usernames and passwords. If a cyber criminal wanted to steal all your information or use your network to launch an attack against someone else, all they would have to do is take control of the administrator account. Here are a few easy things you can do to protect yourself. Before you do anything, make sure you reference the user manual for your specific router.
- Change all the default passwords. Make sure not to use the same password for the administrator account as the one to join the network. Remember, long complex passphrases are ideal.
- Limit access to your network. Ensure the only devices on your network are the ones you authorized. Do not set your home network to “open.” Leaving it open allows anyone to join your network. Make sure your Wi-Fi network is set to WPA2. This will require individuals to authenticate with a password they are authorized to access the network. It also ensures the data transmitted on your network is encrypted. Do not use WEP or WPA. If your router provides you with a “guest network” option, make sure that it is encrypted using WPA2, also.
- Change the default name of the SSID (Service Set Identifier). The SSID is another name for wireless network. The goal is to make it something unique to yourself without divulging any personal information.
- See what’s connected. Many routers provide the ability to see what is on your network. Take a couple minutes every week to log into the administrator console and see what devices are connected. If you see a device that does not look like it belongs, disconnect it by clicking on the device and select the option to “disconnect” or “block.”
- Update the firmware. One way cyber criminals break into networks is by taking advantage of software vulnerabilities. Log into the administrator console. Firmware updates are frequently found under the “Advanced” tab. If it is not there, look up ‘firmware’ in the frequently asked questions. After the firmware option is located, look for firmware update or router update. Once the firmware update process has begun, do not interrupt it by restarting the router or closing the browser. This could corrupt the update process and could impair the update’s functionality.
Exceeding data limits can be expensive; which is why we are quick to join public hotspots. Locations such as shopping centers, airports and hotels commonly provide these modern conveniences. While clicking the button to join the network may seem like a good idea, you may actually be falling into a hacker’s trap. Cyber criminals create internet access points and change the name to that of the shopping center, airport or hotel. If you connect to these networks, you will be an unwitting participant in something called a man-in-the-middle (MITM) attack. During this kind of attack, hackers place themselves between you and the Internet, allowing them to gain access to all of your unencrypted internet activity.
To protect yourself, here are a couple of easy tips to follow:
- Don’t use public Wi-Fi. This is the easiest tip to follow. If you are unsure of the legitimacy of the wireless hot spot, simply don’t connect to it.
- Ask an employee if they have a wireless hot spot. If they are not sure or do not know, odds are good it is not safe to connect.
- Make sure all communication is encrypted. Look for HTTPS not just HTTP in the address bar. HTTP is unencrypted. HTTPS is encrypted.
- Consider subscribing to a Virtual Private Network (VPN) service. VPNs allow you to set up a secure tunnel between you and the resource to which you are connecting. If you often find yourself in need of accessing public, wireless hotspots, a VPN service may be the most secure method of connecting.
You can find more cybersecurity tips in our previous blog posts:
Protecting the Keys to Your Kingdom