Some words to the wise: If you have a wireless Internet or network connection, make sure you have the best possible security measures in place. And don't delay.
The United States (U.S.) Federal Bureau of Investigation (FBI) recently learned that Wireless Encryption Protocol (WEP)—the basic protection against intruders—is increasingly vulnerable to accomplished hackers.
The tip came from one of the members of the FBI's longstanding InfraGard program, which brings together public and private sector security professionals to share breaking information on threats and vulnerabilities, particularly in the cyber world.
At least, change the default security on WEP. However, the FBI recommends a more secure wireless security protocol like AES, TKIP, or WPA2.
This member alerted the FBI Birmingham, Ala., office about computer hackers in Europe who have developed a method for cutting through the security provided by WEP within a matter of seconds—and who are ready to share that secret.
"We knew once that information got out—and it most likely would—these vulnerabilities were going to be exploited," says Paul Daymond, FBI representative. "So we wanted to get the word out quickly."
What is WEP?
WEP is one way computers try to keep unauthorized users from tapping
into wireless networks. A wireless network is more vulnerable to
outside hackers than a closed one, which physically connects computers
with cables.
WEP is generally the lowest level of security that comes with a
new wireless network. Hackers have been improving their abilities to get around the security settings in WEP for years. They know that most people don't even bother to set up password protection, and when they do, they simply use the default.
That can be a boon to "war drivers," people who drive around looking for unsecured wireless Internet access points to hijack. After they tap into a connection, they can do all sorts of things—including illegally sending spam or pilfering computer data, like Nicholas Tombros did a few years ago.
You might not even know if these hackers have gained access to your connection. They may be on the next street. But if they're doing something illegal with your Internet connection, it's going to come back to you.
What can be done?
At the very least, set up password protection and change the default
and security settings on WEP. However, the FBI recommends considering
changing to a more secure wireless security protocol like AES, TKIP, or
WPA2.
Don't know how to do that? Check the Web site of your wireless router manufacturer. All the major companies have Web pages devoted to wireless router security, including Check Point for:
"There's a lot of information out there about making your wireless system more secure," says James E. Finch, assistant director of the FBI's Cyber Division. "We recommend taking a layered-security approach. That is, throw as many locks on the computer to thwart these hackers as possible."
Good advice…and the FBI hopes you take it.
Source: Got a Wireless Network?: It's time to shore up security, U.S. Federal Bureau of Investigation, Headline Archives, Washington, D.C., United States of America, May 4, 2007.