Hacking Home WLANs

Don't forget to lock down your users' home WLANs

Dark Reading logo in a gray background | Dark Reading

It's a great idea to have employees working from home via wireless connections. Unless, of course, hackers break into those employees' wireless LANs -- and potentially compromise your entire enterprise network.

Researchers say it's way too easy to break into most home WLANs because most users typically leave their wireless routers configured with the default SSID, administrative password, and unencrypted settings. That makes the home WLAN a welcome mat into the user's corporate network.

"It's scary how vulnerable these networks are," says Ken Baylor, director of market development and strategic alliances for McAfee. In some recent war-driving tests, McAfee found half of home wireless LANs were unprotected and unencrypted, Baylor says. And few enterprises are paying attention to their users' home WLANs.

The safest bet is a secure VPN connection for your users, researchers say. Even a well-secured home WLAN with a WPA/WPA2 encryption and a unique SSID is still not as safe as a secure VPN link. That's because the wireless encryption ends where the wired network begins.

But even with a VPN, a user can contract spyware and suffer from a keylogging attack, Baylor says.

Meanwhile, most home users run WEP encryption or none at all, he says. Only about 10 or 20 percent run WPA. The 128-bit WEP encryption isn't enough: Baylor says his team was able to crack WEP encryption on a wireless router in less than two minutes.

WEP is notoriously weak for encryption, security researchers say. "If anyone is using WEP to keep anyone except their kid sister from reading their mail, they're in trouble," says one researcher who requested anonymity. "Even WPA-PSK with a weak passphrase is way better then WEP."

Even more dangerous than an attacker eavesdropping or piggybacking on your user's home WLAN is what Baylor calls the "evil twin" attack, basically a phishing scheme that sends the machines to corrupted servers posing as a trusted resource. All it takes is hacking into a Linksys wireless router's DHCP setting, for instance.

"So if the user types in 'bankofamerica.com,' he's sent to a phishing site" that looks exactly like the real one, Baylor says, and it's totally transparent to the user.

"These attacks are simple to set up and get running," Baylor says. "They are undetectable, so it's very likely these have been done."

In an evil twin attack, the hacker basically intercepts and redirects the user to the fake site and steals his bank account or other sensitive data, says Corey O'Donnell, vice president of marketing at Authentium. (See Insecure at the Airport?) The hacker simply logs on as the system admin of the wireless router, which is a no-brainer when the user leaves it in the default setting.

"But home users are no less secure than other non-corporate entities," O'Donnell says. "The vulnerabilities are greater when your users are in a public space, and a hacker comes in and poses as a falsified WiFi connection and steals your data."

How can you protect your home users, and ultimately your corporate network?

  • Change passwords on wireless devices

    • Upgrade to the latest firmware

    • Turn off the default SSID (it advertises the WLAN)

    • Consider WPA2

    • Use authentication, such as 802.1X

    • Add a personal firewall to the WLAN end point

      — Kelly Jackson Higgins, Senior Editor, Dark Reading

    • McAfee Inc. (NYSE: MFE)

About the Author

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights