Cybersecurity : Home Wi-Fi

by shwolff

Wifi Security

With due respect to Allen Iverson, I know cyber security is important…but we ain’t talkin’ about corporate servers! We talkin’ about home networks! If someone hacks your home network, their only reward is use of your internet, right?

Wrong. A forum [1] related to the comic xkcd gives us some motivation for securing our home’s wireless local area network (WLAN). (N.B. The expertise of the posters on this forum — listed in [square brackets] after their point, and linked to their post — is unknown (to me). My expertise is limited. Those caveats aside, the cited postings sound legitimate, and they check out against what validation I can currently do.)

  • Waste bandwidth [EvanED]. E.g., the hackers illegally download a bunch of videos, which slows down your internet connection. Hackers might not be so nice as to restrict themselves to illegal downloads.
  • Engage in illicit activity (think: your subsequent liability). [EvanED]. The post gives a good example.
  • Access shared files [EvanED].
  • Read your traffic [Tub]. If your traffic is not encrypted, you’re sharing that activity with your hackers. If your traffic is encrypted, that gives you a secondary layer of defence, but it’s not impervious. Read on.
  • Manipulate your traffic [Tub]. In particular, if the hackers (instead of your router) can assign your device its IP address, then they could rerout that device’s traffic to the hackers’ machine. (N.B. I don’t know how feasible such an attack is, i.e. for hackers to run a custom DHCP server on a WLAN.)
  • Install malware on your router [3]. The cited article claims that, if your router becomes infected, then all devices that connect to it become vulnerable.
  • Access devices connected to your network [Tub, korona]. This type of attack exploits security vulnerabilities in the software running on your devices.

OK, OK, OK, so maybe we do care about securing our home network. How do we do it? Following are several steps we can take, gleaned from various articles online. The articles (cited after each point, and listed below) contain more suggestions and discussion. Check them out when you have time.

  • Change the manufacturer-set name and password of your wifi [2,3,4,5,6]. Choose a network name that doesn’t reveal your router’s manufacturer or your location. Choose a password that’s (very) strong. The password strength is especially important for the network administrator function.
  • Keep your router’s firmware/software up to date [2,3,4]. As noted in several articles [3,4], your router may not send you regular notifications and reminders. Fortunately, Google calendar (or an analogous service) will — just set it up.
  • Keep your router hardware up to date [3]. Technology ages. Fast. Older hardware is less likely to receive software updates and (therefore?) perhaps more susceptible to hacking.
  • Enable encryption [2,4].
  • Kill WPS [4,5].
  • One site [2] recommends turning off DHCP functionality. This appears neither important nor prudent [7].

References

  1. Why is a good wifi password necessary?” (forums.xkcd.com, 2014).
  2. How to enhance your home wireless network security“, by Ioana Rijnetu (Heimdal Security, 2018-01-18).
  3. Your wi-fi security is probably weak. Here’s how to fix that.“, by Brian X. Chen (NY Times, 2018-06-13).
  4. Your router’s security stinks: here’s how to fix it“, by Paul Wagenseil (Tom’s Guide, 2018-05-29).
  5. How strong does your wifi password need to be?” (Linkd Home, 2017-10-10).
  6. Understanding the most important wifi settings” (Net Spot App, ????).
  7. Does disabling DHCP on your router really help your security?“, by Miguel Leiva-Gomez (Make Tech Easier, 2014-05-12).

Router positioning

  1. Where to put your router for the best possible home wi-fi“, by April Glaser (Wired, 2016-03-01).
  2. The best place for your wireless router“, by Bradley Mitchell (Lifewire, 2018-05-17).
  3. Where to place your router to get the absolute best wifi connection“, by Sara Boboltz (Huffington Post, 2015-03-27).