It was about 5 years ago and I was sat in a coffee booth with a colleague, we were using the free Wi-Fi they provided when someone came over and handed me a piece of paper which said: “Your email address is X and your password is Y”. As the connection was not secure, these details had been intercepted by a third party. In this case it was at a technology conference, so the “attack” was “ethical hacking” and well staged.
Within the last few days, it has emerged that WPA encryption for Wi-Fi has been cracked. This means that somebody could:
- Monitor all websites that you visit
- Log all usernames and passwords
- Read your emails as they travel through the network
- Slow your computer/laptop or internet connection speed
- Perform illegal activities using your internet connection
- Spread a virus or a worm to all devices in the network
This is really quite scary stuff and whilst vendors will work feverishly to create a patch, it drums home the importance of router security. A router exists where one network joins another, almost always where the Wide Area Network (normally the internet) meets your Local Area Network (you and your devices). Given that this is the Main Entrance, it makes sense to equip it with a lock and key as a bare minimum.
What happens if someone were to monitor all the sites you visit and see the usernames and passwords you use? What damage could they do with access to your online banking? With access to your Apple ID and password, they could easily remote kill all of your devices. In fact, they could access everything you have access to. If the motivation is nefarious then the outcome could be highly unpleasant.
By providing “Free Wi-Fi” without adequate security precautions in place you could unwittingly make it easy for someone to carry out illegal activities on your internet connection and by allowing access to your internet connection you become, by definition, an Internet Service Provider responsible for how it is being used. To put it bluntly, if I use your internet and I do something illegal, then it is your fault (unless you have taken precautions, made me sign in, agree to T&Cs and make me uniquely identifiable).
Or they could just attempt to destroy everything on the network with a virus.
Router security should not be an afterthought.
As a minimum:
- Change the default username and password to access the device
- Change the network name to something which is intrinsically yours
- Activate encryption
- Keep the firmware up to date with the latest versions and patches
- Enable MAC address filtering if possible
- Assign static IP if possible
- Turn the network off outside of trading hours if possible
- Enable firewalls
This is not an exhaustive list of either tips or traps. It is, however, a timely reminder that this something you need to practice as in this case charity begins at home. You can do all of these things on your home connection. If you are a business, then you need to make sure that you have adequate measures in place to make sure all of your doors are locked when you go home.
The wi-fi connections of businesses and homes around the world are at risk, according to researchers who have revealed a major flaw dubbed Krack. It concerns an authentication system which is widely used to secure wireless connections. Experts said it could leave "the majority" of connections at risk until they are patched.