Two WiFi Stories: The Art of not Falling Victim to Ignorance

Here are two true stories about wireless networks (WIFI) that I would like to share.

The first one happened to one of my sisters, the other is something I discovered a long time ago while hacking around my network.

Those Friendly Neighbors:

One of my sister’s condo neighbors only visited their condo as a weekend getaway place. They asked my sister, who lived there permanently, if they could use her WIFI while visiting. Being fairly ignorant of the risks, my sister shared her SSID key with the elderly couple.

Many months later, my sister received a letter from her internet service provider warning her that legal procedures might follow if she continued to illegally download movies from torrent sites. In that letter, they accused her of downloading several Hollywood blockbuster movies. Amazed, my sister called her provider to get some clarification and to state her case that she had never downloaded such movies. It was only then that she realized her mistake.

The son of the elderly neighbors often used their condo for a weekend getaway, and while visiting, he used my sister’s WIFI to download movies over the BitTorrent protocol. In those days, Hollywood studios would run their own torrent servers, sharing many recent Hollywood movies to collect the IP addresses of connecting clients, and then launch investigations into the origins of those IPs by contacting each internet provider to which those IPs were allocated.

In Canada, ISPs aren’t supposed to share their clients’ information with Hollywood studios but would send letters to individuals who used torrent services for copyright infringement. I don’t know about you, but I call this entrapment and wonder about the legality of this practice. Nevertheless, violating copyrights is not something people should willingly do.

The conclusion of this story is obvious. She changed her SSID access key and never shared it with neighbors ever again.


The Power Failure Exploit:

Following a power blackout lasting several hours, I was still doing some work on my laptop, which was running on its internal battery. Eventually, electricity was restored in my neighborhood, and everything started powering up. As I was monitoring the WIFI networks to see my SSID come online, I noticed many of my neighbors’ WIFI routers re-advertising their SSID names but without any protection keys. I selected one of those SSID names and realized that it would allow me to connect remotely to my neighbor’s WIFI router without any key. I then launched a browser and connected to that router’s internal IP address (http://192.168.0.1) and was allowed complete access without any prompt to authenticate. Was this just a fluke?

I repeated these steps on all the WIFI routers of other neighbors, and all of them allowed me unrestricted access. While in the administrative console of each router, I downloaded each router configuration file and started examining them.

After 5 minutes or so, all the WIFI routers of my neighbors protected their access with a key and locked everything up nicely. At that moment, I realized that I had exploited a weakness in the design. By default, the WIFI router provided by the internet service provider would allow unrestricted access after a power failure. This can be considered a backdoor of some sort, meant to let customers get back into and reset their WIFI routers when a lost password would otherwise lock them out. Obviously, this is a “by design” back door and is a default feature of all the WIFI routers distributed by the internet service provider.

I began examining the configuration files I had downloaded while I had temporary full access to my neighbors’ routers and noticed that SSID access keys and administrative passwords were stored in clear text in the saved configuration files. So, I could, if I wanted to, reconnect to neighbors’ wireless access points after their routers came out of “recovery mode” and re-applied access security.

In the following days, I informed each of my neighbors of my discovery and suggested that they change their passwords. I also told them that unless their WIFI routers were on a UPS (Battery Backup) of some kind, anyone knowing this router’s weakness could exploit it going forward.

This exploit was fixed over the years as more and more provided routers come with some sort of battery backup system built into the router, especially those ISP routers providing Voice over IP. However, not all provided equipment has battery protection, and default manufacturer settings can be exploited if they are known to hackers.

I did contact the internet service provider and opened a ticket to inform them of this security flaw. I also informed my neighbors about the situation and assured them that I would not exploit this security hole, as I’m a professional in the IT field, and they trust me. I asked them not to disclose this finding to anyone, especially to their teenage kids who might find it hilarious to go out and try to explore everyone’s WIFI router after the next power failure.

Conclusion: Knowing the undocumented “default” features of equipment can become an easy way into those systems. I treat WIFI as a high-risk device, and I don’t use it for purposes other than entertainment streaming. My most sensitive devices use wired connectivity, not wireless.
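
The power-failure window described above can be watched for from the owner's side. The following is an added example, not part of the original article: it parses the terse output of NetworkManager's `nmcli` on a Linux laptop and reports only your own SSIDs when they are advertised without encryption. The SSIDs, MAC addresses and sample scan are constructed, and treating an empty or `--` SECURITY field as "open" is an assumption about nmcli's output.

```python
import subprocess
import sys
import time

# Constructed sample of `nmcli -t -f SSID,BSSID,SECURITY device wifi list` (terse mode escapes ':' as '\:')
SAMPLE_SCAN = r"""
HomeNet:AA\:BB\:CC\:00\:11\:22:
HomeNet-Guest:AA\:BB\:CC\:00\:11\:23:WPA2
Cafe\:Free:DE\:AD\:BE\:EF\:00\:01:--
Neighbor:12\:34\:56\:78\:9A\:BC:WPA2 WPA3
""".strip()

def split_terse(line):
    """Split one terse nmcli line on unescaped ':' and drop the escapes."""
    fields, cur, chars = [], [], iter(line)
    for ch in chars:
        if ch == "\\":
            cur.append(next(chars, ""))  # escaped character, taken literally
        elif ch == ":":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
    fields.append("".join(cur))
    return fields

def open_own_networks(scan_text, my_ssids):
    """Return (ssid, bssid) for each of *your* SSIDs advertised with no encryption."""
    findings = []
    for line in scan_text.splitlines():
        fields = split_terse(line)
        # Assumption: an open network shows an empty or "--" SECURITY field.
        if len(fields) == 3 and fields[0] in my_ssids and fields[2].strip() in ("", "--"):
            findings.append((fields[0], fields[1]))
    return findings

def live_scan():
    cmd = ["nmcli", "-t", "-f", "SSID,BSSID,SECURITY", "device", "wifi", "list"]
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout

if __name__ == "__main__":
    mine = {"HomeNet", "HomeNet-Guest"}  # hypothetical SSIDs: use your own
    live = "--live" in sys.argv          # default: offline demo on the sample
    for _ in range(40 if live else 1):   # live: poll every 15 s for 10 minutes
        scan = live_scan() if live else SAMPLE_SCAN
        for ssid, bssid in open_own_networks(scan, mine):
            print(f"{time.ctime()}: {ssid} ({bssid}) advertised with NO encryption")
        time.sleep(15 if live else 0)
```

Run it with `--live` from a battery-powered laptop just after power returns; any line it prints means your router spent part of its boot time reachable without a key.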

Here’s a short list of recommendations to help protect a wireless network:

  1. Strong Passwords:
    • Use a strong, unique password for your Wi-Fi network. Avoid using default passwords provided by the router manufacturer.
  2. WPA3 Encryption:
    • Enable WPA3 (Wi-Fi Protected Access 3) encryption on your router. This is the latest and most secure Wi-Fi encryption protocol.
  3. Network Name (SSID) Management:
    • Change the default SSID (Service Set Identifier) of your wireless network to something unique. Avoid using easily identifiable information, such as your name or address.
  4. Disable SSID Broadcasting:
    • Disable the broadcasting of your SSID to make your network less visible to casual users. While this won’t provide robust security on its own, it adds an extra layer of obscurity.
  5. Update Router Firmware:
    • Regularly update your router’s firmware to ensure you have the latest security patches. Check the manufacturer’s website for updates.
  6. Network Segmentation:
    • If possible, set up a guest network separate from your main network. This can prevent guests from accessing sensitive devices on your primary network.
  7. Firewall Configuration:
    • Configure your router’s firewall to filter incoming and outgoing traffic. This adds an additional layer of protection against unauthorized access.
  8. MAC Address Filtering:
    • Enable MAC address filtering to only allow specific devices to connect to your network. While not foolproof, it adds another hurdle for unauthorized devices.
  9. Disable Remote Management:
    • Turn off remote management features on your router unless absolutely necessary. This reduces the risk of unauthorized access from external sources.
  10. Use a Virtual Private Network (VPN):
    • Consider using a VPN, especially when accessing your network remotely. This encrypts your internet connection, adding a layer of security.
  11. Regularly Monitor Connected Devices:
    • Periodically review the list of connected devices on your network. Disconnect any unauthorized devices and update your Wi-Fi password if needed.
  12. Physical Security:
    • Place your router in a secure location to prevent physical tampering. Physical security is an often overlooked aspect of network protection.

By implementing these recommendations, you can significantly enhance the security of your wireless network and reduce the risk of unauthorized access or data breaches.
