Wednesday 9 November 2016

Who's Hacking Your Wi-Fi?

Who's Hacking Your Wi-Fi?

Is someone secretly hacking your home Wi-Fi connection? Jonathan Parkyn shows you how to block the leeches and make your Wi-Fi hackproof

Have you ever checked your mobile phone while parked in front of your house, and noticed that you’re still connected to your home Wi-Fi network? The irony is that, even if you suffer from wireless black spots inside your own house, it’s often still possible to access your network from neighbours’ houses and gardens, or from outside on the street. And thatmeans somebody could be hacking into your Wi-Fi right now, without you ever knowing.


Don’t assume that just because your Wi-Fi is protected by a password that you’re safe, either. Anyone armed with only a basic knowledge of computers and widely available hacking tools can crack simple passwords – that are often the default option when you get your router – and start leeching off your connection within minutes. In this feature, we’ll show you how to shore up your wireless defences.

Not only can unwanted guests like these slow your internet access down to a crawl by piggybacking your broadband connection, but they could also get you into trouble with the law by using your connection for illegal purposes. Any dubious deeds carried out while connected to yourWi-Fi could be traced back to you. And once someone has hacked their way on to your wireless network, they’re in a great position to hack into your files and any devices connected to your network – including webcams and CCTV cameras.

This might sound terrifying, but the good news is that there are ways to protect your Wi-Fi and keep the hackers out. In this guide, we’ll explain how to find out whether your wireless network is vulnerable and what you must do to make sure you never get hacked.

IS YOUR WI-FI BEING HACKED?


Why anyone can be a hacker


Hackers are all geeky computer whizkids bent on bringing down governments and big corporations, right? Wrong. The average hacker is far less technically proficient or politically motivated than those you see depicted in films and TV shows or read about in newspapers.

You don’t need advanced technical knowledge and tools to hack. Indeed, many hackers are just on the lookout for unsuspecting Wi-Fi networks they can hop on to, either to disguise their illegal online activities or just for a free ride. In fact, just about anyone can hack a Wi-Fi connection. All you need is a laptop and some dedicated software, most of which is freely available on Google.

Just have a look at Cracktivator (www.snipca.com/22169), available for Windows and Android devices, completely free of charge. It claims to crack WEP, WPA and WPA2 encryption – the types of security most commonly used to protect Wi-Fi networks. According to its developers it’s “incredibly easy to use” and boasts the ability to block other users (namely those who are paying for the broadband connection in the first place) in order to speed up a hacker’s illicit connection.

Cracktivator is far from the only tool of its type. There are other tools known as stumblers and sniffers, such as Kismet Wireless, designed to uncover nearby networks, including those with hidden Wi-Fi network names (SSIDs). There’s even an entire Linux distro called Kali, which provides a suite of more than 300 hacking tools right off the bat – all for free. Anyone can download Kali and boot it from a USB stick. It’s supposed to provide a toolkit for ‘ethical hacking’ but can be put to use for some decidedly unethical purposes in the wrong hands.

Check your router for leeches


So how do you know if someone is using tools like these to hack your Wi-Fi? Your first port of call should be your router, which will provide a list of devices that are currently connected to your network.

Precise instructions for locating this list varies, depending on your router’s make and model, but the principle is more or less the same in most cases. All routers come with a configuration tool – either a desktop program or a web-style interface accessed through a browser by typing a URL and logging in with an admin password. Check with your router’s instructions if you’re not sure how to access this.

Users of BT Home Hub routers may even find they don’t need to log in to see who’s connected – a basic page of information, including a list of devices currently connected to your network, is available just by typing the router’s IP address – 192.168.1.254 by default. On other routers, look for a Client List or Connected Devices option in the configuration tool – these may be listed in the Network or Advanced section.

Check carefully through the devices listed. Look for anything among the computers, tablets, phones, smart TVs, TV streamers, portable speakers and other devices listed that you don’t recognise. Some devices may be listed by name; others may be listed as seemingly random numbers (known as a MAC address) or as ‘unknown’.

This shouldn’t make you immediately think ‘hacker’, because some of your own devices may show up as unknown. You should be able to rule these out by a process of elimination. List the devices that you know are connected to your Wi-Fi (and switched on) and see if the number tallies. If you switch off a device it will disappear from the list of actively connected computers, tablets and so on, so you’ll be able to work out the identity of unknown devices (you can also use Wireless Network Watcher for a second opinion). If, after all your checks, there are connected devices listed that you still can’t account for, then it’s possible you’re being hacked right now.

Find out who’s connected to your Wi-Fi


You can’t monitor your router’s device list all the time, of course, so it’s easy to miss hackers who worm their way on to your Wi-Fi while you’re not looking. To combat this you can use software that keeps an eye on things for you.

GlassWire (www.snipca.com/22178), for example, is a firewall that includes the ability to monitor any devices that connect to your network. However, while there’s a free version of GlassWire available, the network-monitoring feature is only available in paid-for versions, which start at around £53. Happily, there are free tools that can provide similar benefits.

One such tool is NirSoft’s Wireless Network Watcher v2.02 – download it for free from www.snipca.com/22177. It’s safe to use and doesn’t need installing – just extract the program from the ZIP file you downloaded and double-click it to run it. It will scan your Wi-Fi network and list all connected devices.

Wireless Network Watcher can also help if you’re still struggling to identify those ‘unknown’ devices that are connected to your Wi-Fi. It will identify the manufacturer of most devices, thereby providing you with a clue as to what that mystery device is.

We recommend you leave the program running continuously in the background for a few days to see if it detects any suspicious activity. You don’t need to keep a constant eye on it either – click Options, then Beep On New Device to have the program sound an alert whenever a new device connects. To see a log of what has connected to your Wi-Fi network while it’s been running, click Options, then Show All Previous Devices. Any devices that were connected, but then subsequently disconnected will be marked with a cross in a red circle.

Check for DNS hijackers


Another way your internet connection can be hacked is by DNS hijacking. This is when someone changes the settings on your router without your consent – usually via a malware infection – allowing hackers to redirect you to fake websites, even when you use real URLs, links or bookmarks. Security firm F-Secure offers a free online tool that can check your router to see whether its DNS has been hijacked. Go to www.snipca.com/22180 and click the ‘Check your router’ button. If the tool discovers anything suspicious, you probably have malware on one of your computers. Run a full scan with your antivirus tool to locate and remove it.

MAKE YOUR WI-FI HACK-PROOF


Use the best possible encryption


Most of us know that leaving our Wi-Fi connection unsecured is tantamount to inviting criminals into your home for a nice cup of tea. But, even if your connection is encrypted, it can still be vulnerable.

If you’re still using WEP protection to protect your Wi-Fi network, then stop now. WEP was the default encryption method used to secure many routers a few years ago, but it’s just not safe enough and hackers can easily crack it.

Your router should offer alternative methods of encryption. Log into your router’s configuration tool, then look for the Wireless or Security section. Check to see which type of security is being used and, if possible, switch to WPA2 (it may be listed as WPA2-PSK). If you’re offered the choice of WPA2-PSK (TKIP), WPA2-PSK (AES) or both, then make sure you opt for AES only. Like WEP, TKIP is no longer considered secure and could even slow your connection.

If your router doesn’t offer WPA2 encryption, try updating its firmware. If it still doesn’t offer WPA2, then it’s time to get a new router. Your internet provider may send you a new router for free if you give them a call, so try this first before spending any money.

Strengthen your Wi-Fi passkey


Another critical factor is the strength of the passkey used to connect to your Wi-Fi. Even with WPA2 encryption, it’s theoretically possible for hackers to crack weak passwords using brute-force attacks or by intercepting data transmitted when a ‘Wi-Fi handshake’ takes place (the moment when devices connect and exchange encryption keys). By exploiting this chink in your router’s encryption armour they can then use a free passwordcracking tool, such as Hashcat (http://hashcat.net), to work out what passkey you use.

Don’t assume the default wireless key provided with your router is strong enough, either. It’s best to set your own, so head to the Wireless or Security section of your router’s configuration tool. All the usual password-creation advice applies – use a mixture of letters and numbers and don’t include names, birthdays, sequential characters, and so on. With WPA2 encryption, longer passkeys are harder to crack than shorter ones. The minimum number of characters for a WPA2 passkey is eight, but you should consider a longer one – around 15 characters should be secure enough. A passphrase – a combination of totally unconnected words – is also secure and can often be easier to commit to memory.

Don’t hide your SSID


Some routers offer the option to hide your Wi-Fi network name – or SSID – and it’s a common misconception that doing so will help to protect it. It’s true that hiding your SSID will prevent your network from showing up in the list of available wireless networks on devices in range. But, in practice, this makes no difference to a prospective hacker, who’s likely to be using a sniffer tool, such as Kali or Kismet, that can easily uncover hidden SSIDs. In fact, hiding your SSID may only serve to draw unwanted attention from nearby hackers looking for hidden networks that might lead them to valuable personal data.

Hidden SSIDs are a pain to deal with at home too, because you’ll need to manually enter your network name every time you want to connect a device. And, as they offer zero extra security, there’s very little point in using one. Disable this setting in your router’s wireless settings if it’s switched on.

Update your router’s firmware


Keeping your router up to date can help to bolster its security, by fixing flaws and offering new features, such as support for better encryption methods.

Checking for and updating firmware works differently from router to router. Some models check for and install firmware updates automatically. Others may offer a way to check and update firmware via their configuration tool or desktop program (look in the System or Maintenance section, or similar). Alternatively, you could look up your model on the manufacturer’s website for available downloads and installation instructions.

If you’re going to update your router’s firmware, make sure you back up your settings first. There should be a backup option available in the System or Maintenance section of the configuration tool.

Stop hackers changing your router’s settings


A vulnerability many routers share is the admin password used to log into the configuration tool. This is usually set as something basic (usually ‘admin’) by default and, if you haven’t changed it to something else, it’s often easy for hackers to guess.

If you don’t want anyone accessing your router’s settings (and you definitely don’t), change the admin password to something that’s hard to crack, using the usual rules of password creation we covered on page 53. Log into your router’s configuration tool or desktop program and look for an option to change the admin password in the Management or System section.

Some routers let you log into their configuration tool remotely – from outside your own network over the internet. The trouble with this is that it potentially opens a backdoor for hackers, so unless you use this feature, it’s best to disable it. Again, look in the Management or Admin section of the router’s software for a Remote Administration or Management option and turn it off it it’s enabled.

Make sure WPS is disabled


Wi-Fi protected setup (WPS) is a nice idea but it could leave your Wi-Fi network exposed to hackers, even if you’re using WPA2 encryption and a strong passkey. Available on many modern routers, WPS lets you use a PIN code or a push-button to quickly connect new devices to your wireless network (rather than having to enter your Wi-Fi passkey every time). The trouble is that, while the push-button method is relatively safe, the PIN code method isn’t, as it works using two separate blocks of four-digit codes. These are very easy to crack, as there are only 10,000 different combinations (something that hackers can decode in no time).

Even if you stick to using the push-button method, WPS isn’t safe, because its specification states that all WPS-compatible routers must support PIN access too. Our advice is to switch it off altogether if your router lets you. Check in the Wireless section of your router’s configuration tool for an option to disable it.

Don’t bother with MAC filtering


Most routers provide an option to block all connections other than those that come from authorised devices. Known as MAC filtering, this works by allowing only connections from a whitelist of MAC addresses – unique codes that identify each device on a network. Theoretically, allowing only specific devices to connect to your Wi-Fi should be a very safe way to protect your network. But there’s a problem – it’s actually relatively simple for hackers to find out and spoof the MAC addresses of authorised devices, and thereby gain access to your network. They would need to disconnect the real device first, but this can be done via a ‘deauth’ (short for deauthentication) or ‘deassoc’ (short for disassociate) attack, using free tools, such as the aforementioned Kali distro. Given this fundamental flaw, we’d advise against using MAC filtering.

SECURE WINDOWS 10


Protect shared files and devices


If you share files between PCs at home, you’re potentially leaving your files wide open to any hackers who can gain access to your Wi-Fi network.

The easiest way to protect shared files in Windows 10 is to create a HomeGroup. HomeGroups can be made up of computers running any combination of Windows 7, 8 or 10, and are protected by a secure password so only computers that belong to the same HomeGroup can access shared files.

Click Start, type homegroup and press Enter. If you don’t currently have a HomeGroup set up, click the ‘Create a homegroup’ button and work through the instructions, choosing which items you’d like to share (Pictures, Videos, Music, Documents, Printers & Devices) and making a note of the HomeGroup password when prompted.

On your other PCs, click Start, type homegroup and press Enter. Now that you’ve set up a HomeGroup you’ll see a different screen. Click ‘Join now’ and follow the onscreen instructions, again selecting the files you want to share and entering the HomeGroup password you noted down.

Protect your files on public networks


HomeGroups only protect shared files over your private home connection, so make sure your PC’s sharing setting for other types of networks are also secure.

Click Start, type advanced sharing and press Enter. Click ‘Guest or Public’ (Public on Windows 7) and select ‘Turn off network discovery’ and ‘Turn off file and printer sharing’. This will stop your computer being visible when it’s connected to a public Wi-Fi hotspot. Next, click All Networks. Make sure ‘Public folder sharing’ is switched off, ‘128-bit encryption’ is selected and ‘Turn on password-protected sharing’ is enabled. Click ‘Save changes’ when you’ve finished.

Stop hackers switching on your PC remotely


The setting ‘Wake on LAN’ (WoL) or ‘Wake on Wireless LAN’ can be extremely useful. For example, if you’re at work and you realise you need something from your home computer, you can use software to remotely switch on and access your files. In theory, WoL is pretty safe – in order to turn on and access your computer remotely, someone would need lots of information that’s virtually impossible to get hold of, and then bypass your firewall and security software. However, it’s theoretically possible for a hacker to use sniffer software to find out your network adapter’s MAC address and crack your passwords. So, if you never (or rarely) use WoL, then it’s best to turn it off until you need it.

Click Start, type device manager and press Enter. Click ‘Network adapters’, then right-click your adapter and select Properties. Click the Power Management tab, then untick ‘Allow this device to wake the computer’ and click OK.

Require a password when waking from sleep


Wi-Fi isn’t the only way hackers can access the files on your PC. Gaining physical access to a computer – a lost or stolen laptop, for example, or a PC in a public place, like an office – could allow criminals to gather logins, credit-card numbers, bank details and more. The way to prevent this happening, of course, is to protect your PC with a password. But many PCs aren’t configured to require a password when woken from sleep mode.

In Windows 7, the option can be found in Power Options within Control Panel. Microsoft likes to keep us on our toes, though, and has helpfully changed its location in Windows 10. To find it click Start, Settings, Accounts, then ‘Sign-in options’. Select ‘When my PC wakes from sleep’ within the ‘Require sign-in’ section to make sure your PC is protected.


WHICH WIRELESS DEVICES ARE SUSCEPTIBLE TO ATTACK?


It’s not just the data stored on your PC that’s vulnerable to Wi-Fi hackers. Crooks can also exploit wireless vulnerabilities to gain access to other devices.

WEBCAMS
Recently, Facebook boss Mark Zuckerberg inadvertently revealed just how paranoid he is about hackers, when a press shot showed he’d taped over his MacBook’s built-in webcam (www.snipca.com/22227).

WIRELESS SECURITY CAMERAS
Network security cams are designed to protect your home, but could be used to spy on you instead. Never use its default admin password and make sure your Wi-Fi is watertight.

CARS
Earlier this year, a security flaw was found in Mitsubishi’s Outlander hybrid car that let hackers remotely disable the car’s alarm and other tech.

BARBIE DOLLS
Last year, Mattel’s Wi-Fienabled Hello Barbie doll was discovered to have a vulnerability that meant hackers could use the toy’s built-in microphone to spy on children and record their conversations.


PROTECT YOURSELF ON PUBLIC WI-FI


Public Wi-Fi hotspots in cafés, hotels and airports are prime opportunities for hackers to intercept data and access your files. But there are ways you can protect yourself.

1 DON’T USE OPEN PUBLIC WI-FI SOURCES
Wi-Fi connections that don’t require a password to connect are highly unsafe. Check your PC, phone and tablet to make sure it’s not set to automatically connect to unsecured networks. On a Windows 10 laptop, for example, click Start, Settings, Network & Internet, Wi-Fi, then click ‘Manage known networks’. Click any you don’t want, then click Forget.

2 SECURE WINDOWS
Turn off Windows sharing and make sure your firewall is switched on.

3 USE ‘HTTPS EVERYWHERE’
This is a free extension (www.snipca.com/22187) for Firefox and Chrome that forces your browser to connect to the secure HTTPS version of any website.

4 INSTALL A VPN
This is the most effective way of staying safe on public Wi-Fi, as it re-routes all traffic to and from your device through encrypted servers. TunnelBear (www.snipca.com/22188) is simple to set up and use – and it’s free.