< Back to the advice centre

The Dangers of Wireless

Wireless networks are becoming more and more popular. With the sales of laptops outpacing desktops and the availability of high speed broadband internet, it is much more convenient to be able to access the internet on your laptop from anywhere in the house rather than being chained to a beige box in the corner. However, with all the convenience comes a cost, wireless networks are much more open to intrusion than a wired network.

How are you at risk?

When you are using a wired network anyone who wants to hack into that network needs to have physical access to the hardware; they need to be able to plug their computer in. With a wireless network they just need to be within range of your router, often the signal from your router will extend well outside your house into your neighbours houses and your street.
There are people – sometimes known as ‘war drivers’ who will drive around a neighbourhood with a laptop looking for unsecured networks to attack. Obviously a person having access to your network is a bad thing, they are able to access any files you may have shared and they can steal your internet bandwidth. To understand some of the really serious problems though, it is necessary to understand something of how your router works.
When you type a web page into your browser your computer sends a request for that page to your router, which works out where to send the request next. If someone else gains access to your router they can change its internal configuration so that it redirects certain requests to other pages, for example when you go to your online banking page the request is redirected to a page controlled by the criminal which looks exactly the same as your online banking page. This is what is referred to as phishing.  This is even harder to detect than if you receive an email purporting to be from your bank with a link in it which takes you to a different site. When the configuration of your router is changed the address that appears in your browser window will be identical to the real website, there is no way for you to tell.

What can you do?

Fortunately, securing a wireless network with today’s hardware is fairly easy. All routers support some sort of encryption, which makes it impossible to view your network traffic without knowing a password. You can also set a password on the administration of the router so that even if your network is compromised an attacker will be unable to change the configuration  of our router.

Setting up encryption on your router

Setting up encryption is usually a fairly easy task. To access the configuration pages of your router open your web browser and browse to the IP address of your router. This address will be in the manual or printed on the router somewhere. Once you have done this you should find that there is a menu called ‘administration’ or ‘system’ or something similar. Within these menus will be an option for wireless security. If these instructions are inadequate then you should consult the documentation which comes with your hardware.
When setting up encryption there are several options. Usually you will be presented with a choice between WEP and WPA encryption. WEP is an old standard which should be avoided if at all possible, attackers can often crack WEP encryption in a matter of minutes. WPA is a much stronger standard, however, if you do not choose a strong password for it then the strength of the protocol will be irrelevant. The best passwords are a random mixture of upper and lowercase letters and numbers. Obviously a random string of numbers can be hard to remember, one piece of advice is to choose something which is  made out of  a song lyric or rhyme; for example ’30 days hath September’ would become 30dhS, a very strong password.

Setting a password on your admin console

So you’ve setup your wireless encryption using WPA and a strong password, you’re safe as houses aren’t you? Not quite, while you’re network is much, much tougher it is still possible to crack WPA networks. Admittedly with a strong password the process can take weeks but I can be done. If your neighbour is a bored hacker they might try and crack your network. So as an extra layer of security you should setup a password on your admin console, this will stop people who have access to your network from changing internal router configuration, protecting you from phishing attacks.

Regularly change your network settings

Finally, because no protocol is completely secure, you should change your wireless password once a month, this means that anyone who wants to crack your password must do so quickly, and even if they do they will not be able to access it indefinitely.

< Back to the advice centre