The prevalence of connecting to the Internet wirelessly is on the rise due to availability, convenience, and the need to connect when traveling. Business travelers use wireless laptops to stay in touch with their home office, vacationers send photos to friends while still on their trip, and shoppers place orders from the comfort of their couches.
A wireless network connects computers in different parts of your home or business without a tangle of cords, enabling you to work as you please on a laptop from anywhere within range of the network. It also allows connection to the Internet from anywhere that a wireless connection is available for a small fee or even for free. Such wireless "hot spot" connections are commonly found at coffeehouses, airports, hotels and restaurants.
A typical home wireless network consists of a broadband Internet connection (such as a cable or DSL line that runs into a modem) and a wireless access point (sometimes referred to as a wireless router or base station) that broadcasts a signal through the air, sometimes as far as several hundred feet. Any computer within range that is equipped with wireless capability can gain wireless access to the Internet by connecting through the access point.
The proliferation of wireless connectivity increases security risks. The big disadvantage of a wireless network is that, without taking certain precautions, anyone with a wireless-ready computer can use your network. Your neighbors, or even hackers lurking nearby, could "piggyback" on your network, or even access the information on your computer. If an unauthorized person uses your network to commit a crime or send spam, the activity can be traced back to your account. The good news is that there are steps you can take to protect your wireless network, the computers on it and your wireless laptop used in public "hot spots" or while traveling.
Each of the following steps used singularly is not sufficient to provide adequate wireless security; therefore, the following suggestions should be adopted in tandem.
How can I Protect Myself?
- Use encryption. The most effective way to secure your wireless network from intruders is to encrypt, or scramble, communications over the network. Most wireless routers, access points, and base stations have a built-in encryption mechanism. If your wireless router does not have an encryption feature, consider getting one that does. By default, manufacturers often deliver wireless routers with the encryption feature turned off. You must turn it on! The directions that come with your wireless router should explain this process. If they do not, check the router manufacturer’s website. The two most common types of encryption are Wi-Fi Protected Access (WPA) and Wired Equivalent Privacy (WEP). Your computer, router, and other equipment must all use the same encryption. WPA is stronger; so use that if you have a choice. It should protect you against most hackers, but by itself is susceptible to sophisticated hacker attacks. Some older routers use only WEP encryption, which is better than no encryption. It should protect your wireless network against accidental intrusions by neighbors or attacks by less sophisticated hackers. If you use WEP encryption, set it to the highest security level available.
- Use anti-virus and anti-spyware software, and a firewall. Computers on a wireless network need the same protections as any wired computer connected to the Internet. Install anti-virus and anti-spyware software, and keep them up-to-date. If your firewall was shipped in the "off" mode, turn it on.
- Turn off identifier broadcasting. Most wireless routers have a mechanism called identifier broadcasting. It sends out a signal to any device in the vicinity announcing its presence. You do not need to broadcast this information if the people authorized to use the network already know it is there. Hackers can use identifier broadcasting to locate vulnerable wireless networks. Note the SSID name so you can connect manually. Disable the identifier broadcasting mechanism if allowed by your wireless router.
- Change the default identifier on your router. The identifier for your router is likely to be a standard, default ID assigned by the manufacturer to all hardware of that model. Even if your router is not broadcasting its identifier to the world, hackers know the default IDs and can use them to try to access your network. Change your identifier to something known only by you, and remember to configure the same unique ID into your wireless router and your computer so they can communicate.
- Change your router’s pre-set password for administration. The manufacturer of your wireless router probably assigned it a standard default password that allows you to set up and operate the router. Hackers know these default passwords, so change it to something known only by you. The longer the password, the tougher it is to crack. For more information on choosing a strong password, see the complementary courseware within this Training, Education and Awareness Module entitled Creating a Secure Password.
- Allow only specific computers to access your wireless network. Every computer that is able to communicate with a network is assigned a unique Media Access Control (MAC) address. Wireless routers usually have a mechanism to allow only devices with particular MAC addresses access to the network. Hackers can mimic MAC addresses, so do not rely on this step alone.
- Turn off your wireless network or your wireless adapter at times when you know you will not use it. Hackers cannot access a wireless router when it is shut down. If you turn the router off when you are not using it, you limit the amount of time that it is susceptible to a hack. If you are traveling with your laptop but not connecting to the Internet, be sure to disable your wireless adapter.
- Do not assume that public "hot spots" are secure. Many cafes, hotels, airports, and other public establishments offer wireless networks for their customers’ use. These "hot spots" are convenient, but they are typically not secure. Ask the proprietor what security measures are in place.
Be wary about sending or accessing information from a public wireless network. To be cautious, you may want to assume that other people can access any information you see or send over a public wireless network. Unless you can verify that a hot spot has effective security measures in place, it may be best to avoid sending or receiving sensitive information over that network. Also be wary of "shoulder surfers" who will try to watch you type your password from behind and never leave your laptop unattended.