Security

How to Stop 11 Hidden Security Threats

Rogue Wi-Fi Hotspots

Free Wi-Fi networks are available almost everywhere you go. Attackers, however, sometimes set up a malicious open Wi-Fi network to lure unsuspecting users into connecting. Once you have connected to a rogue wireless network, the attacker can capture your PC's traffic and gather any sensitive information you send, such as your usernames and passwords.

Verify the network's name: If you want to connect to the Internet at a coffee shop or in another public place, find out the SSID of the establishment's network. The SSID is the name of the wireless network; it is broadcast over the airwaves so that your computer can detect the network, and as a result it's the name that appears in your system's list of available networks.

The SSID for a network at a McDonald's restaurant, for instance, might be "mickeyds." An attacker could set up a rogue wireless router in the vicinity of the McDonald's location and set its SSID to "mcdwifi" or "mickeyds2." Your computer would then display both names on the list of available networks--and the rogue wireless network might even have a stronger signal and appear higher on the list. Make sure that you connect only to the official network.

When in doubt, don't trust any open network. Most free wireless networks are unencrypted--and therefore unprotected. That means that the data traveling between your computer and the wireless router is susceptible to being intercepted and viewed by other parties that happen to be within range of the wireless network. Unless you have your own secure connection, such as a VPN (virtual private network) connection to the network at your office, you should avoid using public Wi-Fi for logging in to sensitive accounts (such as your e-mail or bank account); instead, limit your Internet usage in such public places to reading the news or checking for weather updates and traffic reports.

Weak Wi-Fi Security

If you're cautious, you've already secured your wireless network with a password to keep outsiders from accessing it or using your Internet connection. But password protection alone may not be sufficient.

Use stronger encryption: Several types of Wi-Fi network encryption are available, and there are some important differences between them. WEP (Wired Equivalent Privacy) encryption is the most common variety employed on wireless networks. If you have a WEP password in place on your Wi-Fi network already, you've taken a significant step toward protecting it from intruders.

WEP encryption is better than nothing, but for stronger protection of your wireless network, choose either WPA or WPA2.
But WEP can be easily cracked: Tools are available that allow even unskilled attackers to crack the code and access your network in a matter of minutes. WEP is still helpful, since most aspiring wireless-network hijackers are not dedicated enough to take the time to break in, but to be safe you should use WPA (Wi-Fi Protected Access) or its successor, WPA2. These encryption types re­­solve the weaknesses of WEP and provide much stronger protection.

Log in to your router's console and find the wireless-security settings. There, enable encryption and select either WPA or WPA2. Enter a password, save the settings, and restart your router--and you'll start surfing more safely.

Subscribe to the Security Watch Newsletter

Comments