dfwci.com

Computer Service / Network Integration / Performance Tuning

Home » Massive WiFi Vulnerability Exposed

Massive WiFi Vulnerability Exposed

We’ve all been warned against using public WiFi for sensitive communications like banking transactions.  You never know who is on the same network eavesdropping on your traffic.  This is just common sense.

However…  On your own personal WiFi network you feel pretty secure, right?

Maybe not so much.  For years I’ve told my clients to take extra steps to secure their home WiFi.  The simple fact is that if I want access to your WiFi network I can park a car out front and hack it in pretty short order.  Any semi-competent hacker wannabe can accomplish this task without too much difficulty.

Now a key element of your WiFi security has been rendered useless by the latest hack.

KRACK (Key Reinstallation Attack) can replace your encryption key, allowing any ne’er do well in range of your WiFi to eavesdrop on all your network traffic, which includes credit card information and passwords to all your secure online accounts.

 

  • Both WPA1 and WPA2,
  • Personal and enterprise networks,
  • Ciphers WPA-TKIP, AES-CCMP, and GCMP

Basically, any security mechanism you employ is vulnerable.

If you want all the gory details

So what do you do to protect yourself?

  1. Check your router vendor’s website for firmware updates to mitigate this threat.
  2. Render your SSID invisible.
    (disable SSID broadcast)

The SSID (Service Set IDentifier) is your WiFi network name.

First of all your WiFi network should NEVER be something that identifies you.  I’ve seen people use their actual names, street addresses, etc.  This makes it incredibly simple to target YOU personally.  Always use something cryptic that in no way whatsoever identifies you.  I personally like “FBI Surveillance Van”

In your router setup, there is the option to turn off the SSID broadcast.  In other words, when browsing for a WiFi network to connect to, you will never see it.  And neither will anyone else.  It is not “broadcast”.  It still exists, but in order to connect to it you have to know the exact name and type it in manually on your phone or computer to establish the connection.  This should be SOP (Standard Operating Procedure) for every personal or corporate WiFi network.

If you’re not comfortable making this change yourself, your Internet provider can probably help you – or you can call me.

 

Name of author

Name: Wizard

Short Bio:

The Computer Wizard (TCW). TCW was founded by Warren P. Harris in 1994 to service and repair computers in the San Francisco Bay Area. Relocating the business to Plano, Texas in 1999, TCW continued to flourish when an unfortunate loss of data for a wedding Mr. Harris photographed, caused him to research data recovery options. Realizing he would have to either pay someone to recover the photos or find out how to do it himself, the rest, as they say “is history”. Approached by a friend who was a Private Investigator in 2006, Mr. Harris studied for his Investigator’s license and began honing his skills in Computer Forensics. The company was renamed DFW Computer Integration in 2015.

Leave a Reply