We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Wi-Fi: dangerous to your PC's health

New attacks that can hack your wireless

All Wi-Fi security is not equal. New attack methods could enable hackers to access older networks in just a few minutes.

Most people follow the mantra that if it ain't broke, you shouldn't fix it.

But when it comes to security matters, sticking with the WEP technology found in older Wi-Fi routers could prove costly. WEP encryption has been superseded by a stronger, harder-to-crack wireless security standard known as WPA. If your router offers the choice of WEP or WPA, the latter is the one to go for.

Nevertheless, a significant two-fifths of businesses – and an even higher percentage of home users – still use WEP. The problem here isn't simply that someone can piggyback your wireless network, using your bandwidth to get online to check their email or download hefty files at no cost to themselves. A vulnerable network with insufficient encryption can be hacked and valuable data leeched from it.

In the US, the biggest known data breach of 2006 enabled hackers to gain access to 94 million bank card numbers. Hackers were able to acquire these having hacked the wireless network of retailer TJX – a network secured using WEP.

But the latest proof-of-concept breach demonstrates even more clearly why it's time to trade in WEP for stronger WPA encryption – or the updated version, WPA2.

Security researcher Vivek Ramachandran has developed what's known as the Caffè Latte technique – so-called because the hack enables the attacker to break through WEP protection on a client machine such as a laptop in the time it takes the unsuspecting owner to drink a cup of coffee.

In the past, hackers have focused on using WEP flaws to break into wireless networks. This process involves driving to a hotspot and cracking the WEP key to gain direct access to the network. Ramachandran's technique instead targets attached devices, tricking the WEP-enabled client into thinking that it's logging on to a familiar network.

The technique could give crooks the keys to any wireless network to which the laptop or device had access, including that of a hacked laptop owner's company.

"With the discovery of our attack, every employee of an organisation is the target of an attack," says Ramachandran.

NEXT PAGE: how to defeat such attacks > >

For the latest PC security news, reviews, tips and tricks, visit Security Advisor.


IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

Artist creates a geometric rave in a chapel for The House of St Barnabus

IDG UK Sites

Mac mini (Late 2014) 1.4 GHz review: Mac mini is sort of upgradable, but is it any good as it is?