Wi-fi security: what is it and what are the wireless protocols?
In recent years, thanks in part to the spread of remote working, home wi-fi security has become a key issue. In fact, believing that cyber security concerns only public bodies, large enterprises or SMEs is a mistake that can expose anyone to cyber attacks.
What is wi-fi security? It is the protection of connected devices and networks in a wireless environment in order to prevent unauthorized access by unwanted users. Without wi-fi security, anyone with a computer or mobile device within range of the wireless signal could reach network devices, such as a wireless access point or router. This means that without proper protection, cybercriminals can easily gain access to sensitive data, steal a user’s identity, or install malware on the home network.
However, there are wi-fi security protocols certified by the Wi-Fi Alliance that use encryption to protect networks and information. The Wi-Fi Alliance is the nonprofit organization that holds the Wi-Fi trademark and promotes wireless technologies and interoperability.
Let’s look at the different types of Wi-Fi protection:
- WEP (Wired Equivalent Privacy)
The Wi-Fi Alliance introduced WEP as a security standard in 1999. It offered the same security benefits as a wired connection, but as computing power increased, several WEP vulnerabilities emerged, and despite efforts to improve it, the Wi-Fi Alliance officially withdrew it in 2004.
- WPA (Wi-Fi Protected Access)
The protocol was released in 2003 with the goal of fixing the growing vulnerabilities of its predecessor. The WPA Wi-Fi protocol is more secure than WEP because it uses a 256-bit encryption key, which is a major upgrade from the 64- and 128-bit keys of WEP. In addition, WPA also uses the Temporal Key Integrity Protocol (TKIP), which dynamically generates a new key for each packet or unit of data and is much more secure than WEP’s fixed-key system. However, WPA had flaws, which is why it was replaced by WPA2. Despite this, it is still available to connect older wi-fi devices that are not compatible with the new protocol;
- WPA2 (Wi-Fi Protected Access 2)
It is the second generation of the Protected Access wireless security protocol. Like its predecessor, WPA2 is designed to protect Wi-Fi networks and ensures that data sent or received over the wireless network is encrypted so only people with the network password can access it. In the updated version of the WPA protocol, the Temporal Key Integrity Protocol has been replaced by the Advanced Encryption System (AES), which allows verification of the authenticity and integrity of messages;
- WPA3 (Wi-Fi Protected Access 3)
It is the newest wireless security protocol and offers easier configuration and greater security than its predecessors, thanks to Perfect Forward Secrecy (PFS) encryption. WPA3 introduces new features, including custom data encryption and the Simultaneous Authentication of Equals protocol.
What are the risks of an unsecured Wi-Fi network?
Home Wi-Fi networks that lack robust security are vulnerable to cyber attacks and threats, especially considering the increased use of mobile technology to access the Internet.
Cisco Systems Inc. a.k.a Cisco, a U.S.-based multinational company specializing in the manufacture of computer networking equipment and accessories, has identified the main risks of not paying attention to cybersecurity at home.
Here are reasons why wi-fi security should be a priority for all users:
- IP spoofing: cyber criminals use a false source IP address to penetrate wireless networks. In this way they can install malware, initiate distributed-denial-of-service (DDoS) attacks or perform other malicious actions;
- DNS cache poisoning: this cyber attack breaches a network and diverts traffic to another server. The risk to users is to connect to a malicious version of the original network. This attack can have several objectives, including spreading viruses or worms (making the user think they are downloading uninfected files), phishing to collect personal information, man-in-the-middle attack, and Denial of Service attack (making the user think the server is unavailable);
- Piggybacking and wardriving: piggybacking occurs whenever someone gains access to a restricted area with the permission of an authorized person – in most cases obtained by deception – for the purpose of stealing information or performing illegal activities. Wardriving, on the other hand, is an activity that involves tapping Wi-Fi networks with a laptop, usually paired with a GPS receiver to pinpoint the exact location of vulnerable access points, while driving or walking around. Once inside the private network, the cyber criminal can steal sensitive data, redirect traffic to infected sites or spread malware.
How to protect the home network?
Changing the SSID (Service Set Identifier) of the router and changing the default passwords of network devices to more complex ones are a simple but effective way to improve wi-fi security. But that’s not enough.
We want to share some tips to protect your home network and not fall victim to cyber attacks:
- Enable MAC (Media Access Control) filtering, a unique code or number used to identify individual devices on a network, which restrict access to a Wi-Fi network;
- Use WPA, WPA2 and WPA3 security protocols, which rely on encryption to protect Wi-Fi networks and devices. If possible, enable two-factor authentication for identity verification;
- Choose a reliable VPN (Virtual Private Network) that creates a shield against online dangers, providing privacy, anonymity and data security;
- Update router firmware to prevent cyber criminals from exploiting any vulnerabilities, and disable remote access to protect the network from intrusion attempts. In addition, it is a good idea to use a home firewall to secure all devices connected to the network and periodically perform software updates for any devices.
