The latest security update from our IT Security Officer, Graeme Wolfe, looks at one area of home security you may have overlooked.
How secure is your home?
I’m not talking about the windows and doors, which we all secure and lock before leaving our homes. I’m talking about the other access point into your home and also your life – Wi-Fi
There was a recent article where a technology journalist followed two testers as they hacked into the Wi Fi connected devices in his home. See here
Some 5 years ago, when Google was doing its original Street View surveys, as the cars were driving around taking pictures, they were also ‘listening’ out for Wi-Fi signals. Google got into a lot of bother over this data collection, but it found that nearly half of the Wi-Fi signals they scanned were unsecured. Which highlighted the levels of insecurity on many home wireless networks. See here
These days, with new technologies, more of you may be working from home and connecting your University laptop through your private home wireless network, or you and your family / friends will have many more devices which will want to connect to your Wi Fi.
Your link to the University can be made over a secure connection (by using the University’s’ VPN portal) but you should ensure that you have adequate levels of security on your home wireless network or you could be open to cyber attack or theft / misuse of your broadband to download illegal or pirated material.
Here are some basic general steps that you can take to help secure your wireless access and network, and help keep yourself safe.
- Use encryption on your wireless access points (WAP)
The first and most important way to protect your wireless network is by using encryption. This scrambles data on your wireless network so that only computers with the encryption key can read your communications.
If your wireless router and all of your wireless computers and devices support it, WPA2 encryption should be your first choice as it provides the highest level of encryption available.
Use a strong password for your encryption key – for example, a combination of upper and lower case letters, special characters and numbers, ideally totaling 9 characters or more.
- Change the default settings
Always change the details from the manufacturers default settings the device came with.
If you are using the manufacturer’s standard router and security codes that were supplied with the router; remember that this information is likely to be the same for every other router the manufacturer supplies, so it would be a simple matter for a hacker to find out what the standard codes are and then try them to access your network.
Try it for yourself by typing in your routers name, model and the word ‘password’ into a search engine. Often the default username is ‘admin’ and the password is ‘password’.
- Be obscure or disappear altogether!
All wireless routers should have obscure identities. Don’t make it obvious who owns the connection or put in any real information that will reveal your location or name. Be vague and use something like ‘wireless_1’ or ‘router_1’ that doesn’t give anything away. Also change the default setting, which is usually the name and model number of the router. Leaving it like that, helps hackers with item 2 in the list.
Better still don’t broadcast your SSID. Most routers allow you to turn off the sending out of the wireless network name, so you have to know what it is called before you can connect to it. That stops the casual man in the street from finding it and hooking onto it.
- Patch your OS, Install Anti-Virus and a Firewall
All devices that connect to the internet should have their OS patched and have AV running on them.
Firewalls act as a barrier that either blocks information coming through or lets it through. So make sure you have a firewall installed and that it’s switched on. You can view a list of popular software firewalls here
Many routers have a firewall built into them, but a software firewall also helps to protect your personal computer / device, by preventing unauthorised users from accessing your device through the internet or a network, especially when connecting using public Wi-Fi.
- Position access points carefully
Access points transfer data between your devices, so try to position them away from the outside wall of your building to reduce leakage of radio signals. This will minimise the chance of interception from outside.
- Do you need to use wireless?
Wi-Fi is fine when you are travelling or need access from different locations when working. But when you are at home:
Do you regularly sit in the same place when working?
Are you only a short distance away from your router when using your computer?
Are you using wireless because it was available on the router your ISP provided you with?
Have you considered not using wireless?
Wired access is much faster and very secure in comparison to wireless. Just plug in a network cable from your computer to your router and you are done. Cheap, simple and requires no technical know how. Plus network cables can be up to 100 meters in length before needing to be boosted.
Please note the FixIT Helpdesk are unable to provide specific information or instructions on how to secure your personal network and router at home, as all manufacturers use slightly different systems and settings for their devices.
If you do not feel technically competent to undertake this work, then there are many web sites dedicated to helping people do this, some even have videos and simple step by step guides.
For more information I would either suggest searching online for “How do I secure my network + name and model of router”, or searching for on line manuals on the router manufacturer’s web site, or contacting the supplier of the router directly for technical advice.
Graeme Wolfe – Information and IT Security Officer – 23/03/2016