If you’ve always read that you needed to be careful protecting your Wi-Fi network but didn’t take the advice seriously, it’s possible that the threat doesn’t seem real to you. You may not see how easy it really is for someone to break into your Wi-Fi network. Here, then, is a short guided tour of what a hacker would do.
When your network is unencrypted
When your Wi-Fi network isn’t password-protected, obviously, anyone can log on. Many people tend to think that the worst that can happen with unauthorized use is to lose data bandwidth. The real danger, though, lies elsewhere. To begin, if someone gets on your network and does anything illegal on it, it’s your IP address that the authorities will come looking for. You are legally answerable for anything that happens on your IP address.
The other risk is less obvious. All traffic on an unencrypted network is sent and received in plaintext. Anyone next door can install packet capturing software, grab the data that you are sending and look at it. While they won’t be able to read anything that you do on an HTTPS-encrypted webpage (say, your email and Internet shopping) they’ll be able to read everything else.
Even if you have encryption…
Every network device comes with a unique identifying number called a Media Access Control address. If a hacker has the MAC address of the Wi-Fi component on your laptop or other device, he could easily have the Wi-Fi on his computer impersonate it by taking on its MAC address. He could connect to your Wi-Fi network posing as you. The hacker would just need to have network analysis tools to find your MAC address.
If you have obsolete encryption
All modern routers use a secure form of encryption called WPA2. They also offer older, less secure encryption methods such as the WEP and WPA, though, to work with old computers that only recognize those standards. If you make the mistake of setting your router to one of these less secure encryption methods, though, a hacker could easily run freely available software to break it.
Getting in through exploiting WPS
Keying in a set passphrase is the most common way to sign on to a Wi-Fi network. There is an alternative way, though — through WPS. The WPS method uses an 8-digit number to sign computers on to a Wi-Fi network. When you key in the 8-digit number, the router checks it four digits at a time. This is a problem because mathematically, there are only 11,000 possible 4-digit numbers. A hacker could easily use freely available software to automatically cycle through all the possible numbers and sign-on. It makes sense, then, to disable WPS on your router’s setup page.
Even WPA2 passphrases are breakable
WPA2 is the safest router encryption method available today. The security offered, though, completely depends on the effectiveness of the passwords used. Users who use existing words, common names or numbers, then, are vulnerable. Hackers merely need to run automatic software that mechanically goes through a large number of common words, names and numbers.
What kind of software do hackers use for this kind of work?
A number of free, ready-made network penetration tools exist. They come with names like WireShark, Reaver, BackTrack and Aircracking. Anyone with time on his hands could Google for one of these tools and get to work. A strong password with WPA2 encryption is your safest bet.