Blog | G5 Cyber Security

WiFi Hacking: Risks & Protection

G5 Cyber Security

TL;DR

Yes, you can be hacked through WiFi, but it’s not as easy as movies make out. Using strong passwords, keeping your devices updated, and being careful about public networks significantly reduces the risk. We’ll cover how hackers do it and what you can do to protect yourself.

How Hackers Can Use WiFi

  1. Unsecured Networks: The easiest way is through open (no password) or poorly secured WiFi networks. They intercept your data as it travels between your device and the internet.
    • Man-in-the-Middle Attacks: Hackers position themselves between you and the access point, reading everything you send and receive.
    • Packet Sniffing: They capture network traffic to look for sensitive information like passwords or cookies.
  2. Weak Passwords: Easily guessed passwords are a hacker’s best friend.
  3. Rogue Access Points: Hackers set up fake WiFi networks that look legitimate (e.g., “Free Public WiFi”). When you connect, they control your connection.
    • They often have similar names to real networks.
  4. WiFi Pineapple Attacks: A more sophisticated tool used to create rogue access points and intercept traffic.
  5. WPS Vulnerabilities: Older WiFi routers may have weaknesses in their WPS (WiFi Protected Setup) feature, allowing hackers to crack the password. 
    • sudo aircrack-ng wps_pin

      – This command is used with tools like Aircrack-ng to attempt cracking a WPS PIN.

How to Protect Yourself

  1. Strong Passwords: Use long, complex passwords (at least 12 characters) with a mix of uppercase and lowercase letters, numbers, and symbols.
    • Avoid using personal information.
    • Use a password manager to create and store strong passwords.
  2. Enable WPA3 Encryption: If your router supports it, use WPA3 encryption for the strongest security.
    • Check your router’s settings (usually accessible through a web browser – see your router’s manual).
  3. Disable WPS: Turn off WPS in your router’s settings if you don’t need it.
  4. Keep Your Devices Updated: Software updates often include security patches that fix vulnerabilities.
    • Enable automatic updates on your devices whenever possible.
  5. Be Careful with Public WiFi: Avoid using public WiFi for sensitive activities like online banking or shopping.
    • If you must use public WiFi, use a Virtual Private Network (VPN) to encrypt your traffic. 
      openvpn --config myvpn.ovpn

      – Example command to connect via OpenVPN

  6. Firewall: Enable the firewall on your computer and router.
  7. Network Monitoring: Regularly check connected devices on your WiFi network to identify any unauthorized access.
  8. MAC Address Filtering (Advanced): Allow only specific devices with known MAC addresses to connect to your WiFi network. 
    arp -a

    – Use this command in a terminal or command prompt to find the MAC address of connected devices.

Checking Your Router Security

  1. Access Your Router Settings: Open a web browser and enter your router’s IP address (usually 192.168.1.1 or 192.168.0.1). You’ll need the administrator username and password.
  2. Check Encryption Type: Look for the security settings to see if WPA3, WPA2, or WEP is enabled. Use WPA3 if available; otherwise, use WPA2 with AES encryption.
  3. Update Firmware: Check for firmware updates and install them promptly.
Exit mobile version