Most of us believe our home is our castle. We employ an arsenal of expensive locks, home security systems, paper shredders and guns to protect what’s in it.
But what about all of our information that’s in cyberspace? Who’s minding that fort? When you stop to think about it, it’s pretty shocking that many of us haven’t secured our home wifi connections.
Drive-by Wifi Takes Off
That’s good news for the folks who do what’s called “wardriving” to locate them. Wardriving comes from the 1983 movie WarGames in which a young Matthew Broderick “wardialed” – programming his computer to dial every phone number in Sunnyvale, California to find other computer modems. A decade ago, wardriving was invented by Peter Shipley, a Berkeley computer consultant who developed the first software to automatically detect wireless networks. Shipley’s hobby was driving around with his laptop, mapping the networks.
Wardrivers are still cruising neighborhoods with software from the Internet that can sniff out unsecured wifi networks. They can be geeks locating wireless networks in a neighborhood for the fun of it. Or wardrivers can be wireless pirates looking to freeload off our home wifi connections. Even worse, they can be cyberthieves trying to access wireless networks to steal personal information like our passwords and credit card numbers.
In 2004, Florida became the first state to charge someone with unauthorized access to a computer network. The perpetrator was caught using the wifi connection at a private residence from his van parked on the street.
Wardriving is Still Widespread
Since then, wifi encryption standards have improved. But unsecured wireless networks are still very common; and that makes them easy targets for wardriving. This year, that became painfully clear when Google was accused of commercial wardriving – using its roving Street View vehicles to harvest consumer data from unsecured home wifi networks around the world. Google apologized for mistakenly collecting fragments of wireless users’ personal information during its drive-bys. But the company maintained that it had done nothing illegal. Then in October, Google admitted that it had collected more sensitive information than it originally thought – including email addresses, URLs and user passwords.
It’s important to remember that very few cases of wardriving for illegal purposes are ever detected or prosecuted. That means securing your home wifi network is critical for your Internet safety.
What You Can Do
- Use WPA instead of no encryption or WEP encryption. The old WEP (Wired Equivalency Privacy) encryption has weaknesses that make it an easy target for hackers. WPA (Wi-Fi Protected Access), or even better, WPA2 has stronger encryption.
- Change the default wireless network name and administrative password. Network devices generally come with default names and passwords which are easy to find online. Changing them makes it harder for hackers to access or attack your wireless network.
- Disable the SSID broadcast option, which allows anyone to join your wireless network. This will prevent simple attacks, but not attacks by sophisticated hackers.
- Make sure your firewall is turned on and your antivirus software up-to-date. It can reduce the damage hackers can inflict should they gain access to your network.
- Restrict access. Only allow authorized users to access your network. Hardware connected to a network has a MAC (media access control) address. You can restrict access to your network by filtering MAC addresses. This will discourage accidental connections from neighbors, but not serious attacks by sophisticated hackers.
- Use a VPN (virtual private network) like PRIVATE WiFi™ to insure that all the information transmitted over your wireless network goes through a secure tunnel that’s invisible to hackers.
In the meantime, if your wifi connection was hacked at home, we’d like to hear your story. Tell us what happened and what you did about it.