Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Four lesser-known Wi-Fi security threats and how to defend against them

Eric Geier | Jan. 26, 2017
You’ve hardened your network against all the common weaknesses, now we’ll show you how to take your wireless security to the next level.

It’s common knowledge that the best way to protect your home Wi-Fi network is by using a strong password. This will keep uninvited guests away and protect your network so eavesdroppers can’t intercept your communications. And we’ve known for more than a decade now that the old Wired Equivalent Privacy (WEP) is so insecure that cracking it is practically child’s play.

Once you’ve protected your network with Wi-Fi Protected Access 2 (WPA2), here are four other vulnerability scenarios you should guard against.

Change your default wireless settings

Some modem/router manufacturers and ISPs preconfigure their gear with Wi-Fi encryption using a default password. This is often printed on a label on the device itself or on its shrink wrap, so that your wireless network is protected from the instant you take it out of the box. Great idea, right? It’s not if that Wi-Fi password can be easily discovered.

One insecure default setting scheme used by various companies is putting a portion of the device’s MAC address and/or default SSID (network name) in the Wi-Fi password. For instance, my ARRIS gateway supplied by Time Warner Cable comes with the default SSID of TG1672G02 for its 2.4GHz network and TG1672G02-5G for its 5GHz network, both using a default password of TG1672G1E1F02. That looks fairly secure at first glance, since it’s at least a combination of letters and numbers, but its comprised partially of the gateway’s model number—TG1672G—and partially of its MAC address: D4:05:98:1E:1F:02.

ARRIS router label  

Here’s the label on my ISP’s gateway, showing the insecure default Wi-Fi name and password.

With its default settings, my gateway’s SSID is clearly advertising the exact gateway model I have. A hacker could do some easy research to find known security holes. Secondly, the remaining portion of the default password is the last 6 digits of the gateway’s MAC address for 5GHz, marked as CMAC on my gateway’s label. This MAC address is also broadcast and can be picked up by anyone with a Wi-Fi analyzer as simple as a free Android or Windows app.

Wi-Fi app 

Here’s the Wi-Fi Analyzer app, giving anyone within range who understands the password scheme all the details they need to connect to my Wi-Fi network. 

Now that we know how the default Wi-Fi password is structured on these devices, we can likely connect to other people’s networks that have the same gateway model. A neighbor of mine actually has the same exact SSID as me, but it would likely be illegal for me to attempt to connect to it. So let’s assume for the sake of this argument that my neighbors didn’t change their default password and I could connect if I tried. Your neighbor (or a hacker driving by) might not be so nice, so take a few seconds to change your router’s and/or gateway’s default SSID and Wi-Fi password.

 

1  2  3  4  Next Page 

Sign up for CIO Asia eNewsletters.