We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Wi-Fi: dangerous to your PC's health

New attacks that can hack your wireless

All Wi-Fi security is not equal. New attack methods could enable hackers to access older networks in just a few minutes.

Most people follow the mantra that if it ain't broke, you shouldn't fix it.

But when it comes to security matters, sticking with the WEP technology found in older Wi-Fi routers could prove costly. WEP encryption has been superseded by a stronger, harder-to-crack wireless security standard known as WPA. If your router offers the choice of WEP or WPA, the latter is the one to go for.

Nevertheless, a significant two-fifths of businesses – and an even higher percentage of home users – still use WEP. The problem here isn't simply that someone can piggyback your wireless network, using your bandwidth to get online to check their email or download hefty files at no cost to themselves. A vulnerable network with insufficient encryption can be hacked and valuable data leeched from it.

In the US, the biggest known data breach of 2006 enabled hackers to gain access to 94 million bank card numbers. Hackers were able to acquire these having hacked the wireless network of retailer TJX – a network secured using WEP.

But the latest proof-of-concept breach demonstrates even more clearly why it's time to trade in WEP for stronger WPA encryption – or the updated version, WPA2.

Security researcher Vivek Ramachandran has developed what's known as the Caffè Latte technique – so-called because the hack enables the attacker to break through WEP protection on a client machine such as a laptop in the time it takes the unsuspecting owner to drink a cup of coffee.

In the past, hackers have focused on using WEP flaws to break into wireless networks. This process involves driving to a hotspot and cracking the WEP key to gain direct access to the network. Ramachandran's technique instead targets attached devices, tricking the WEP-enabled client into thinking that it's logging on to a familiar network.

The technique could give crooks the keys to any wireless network to which the laptop or device had access, including that of a hacked laptop owner's company.

"With the discovery of our attack, every employee of an organisation is the target of an attack," says Ramachandran.

NEXT PAGE: how to defeat such attacks > >

For the latest PC security news, reviews, tips and tricks, visit Security Advisor.


IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model