Who’s On Your Network?
I want you to do something when you get back to your house or apartment. Take out your phone or laptop, and look at the available Wi-Fi connections. Most of you will probably see multiple connections, possibly even five or more. Hopefully, all the connections are locked, i.e., a passcode is required to connect.
More importantly, I hope that your Wi-Fi connection is locked with a complex passcode. Why? Your next-door neighbor can also see your network, and they are not nearly as security aware as you. As a matter of fact, they are oblivious. A hacker operating out of Uzbekistan has been using their computer to launch attacks for the past few weeks.
And next week, the target will be you.
Like it or not, this is the reality of our interconnected world. The Internet provides great benefit in terms of bringing people together and making the world a smaller place. However, the Internet also facilitates electronic attacks on an unprecedented scale.
Attackers flow like water, seeping into every unprotected nook and cranny they can find. Once inside, the attackers lie low and watch for new, high-value targets. For example, a corporate laptop or a mobile device connected to a business network. Attackers search for any device that may be used as a stepping-stone to a larger prize.
Interestingly, I still see many people that choose to deny the risk. They continue to surf the web in a state of mindless bliss. I guess it’s the same attitude that encourages people to not wear a seat belt or to go boating without a life jacket. Time and time again, this “it won’t happen to me” attitude comes to an end when, of course, it happens to them.
In the case of cyber security, this usually means the loss of all your kid’s pictures and your financial information. In many cases, you might even lose your identity.
Security awareness is the first step folks need to take in order to use the Internet safely and with confidence. Many folks have participated in security awareness programs at their business. These programs are designed to train a workforce on how to protect the assets of the organization. Successful programs change the culture of the organization so that good security practices become habit.
In our connected society, however, security awareness and good security practices needs to extend to everyone. Everyone needs to understand that the potential exists for his or her information to be stolen, damaged or misused, whether deliberately or accidentally.
So, back to your home Wi-Fi…
In general, you can improve your security using a few simple configuration settings.
Use WPA2 encryption with a long, random, complex (non-human) password.
Never, ever use WEP encryption.
Turn off Wi-Fi Protected Setup (WPS).
Change the default password and SSID.
Turn on any built-in Intrusion Detection System.
If feasible, use MAC address filtering.
A quick search of the Internet will show that these changes will not completely secure your network. However, most attackers look for targets of opportunity. If the next guy is easier to hack, the attacker will likely hit them instead.
Cyber security awareness is an increasingly important component of our online lives. Stay tuned for more…