The Telegraph reports today that nearly half of all Wi-Fi networks in the UK are not secure. Research conducted by insurer CPP found that out of the 40,000 Wi-Fi networks sampled across the UK, a quarter of them had no password protection at all and another quarter had simple or an easy to hack password. This information may come as a surprise to most owners of a home Wi-Fi network because 82% of Britons believe that their network is secure.
As I said on Tuesday in my post on Internet data scraping, online users need to be careful what – and how – they enter information online. It is the responsibility of an individual to make sure that their personal information, like bank details and credit card payments, are used online in a secure online environment. Changing or even adding a password to a Wi-Fi network can mean the different between stolen personal data and basic online security. And one should make sure that those passwords aren’t simply your own last name or your home address in which the Wi-Fi is located.
But there is a bigger issue at hand. The research by CPP was conducting by actually trying to hack those 40,000 Wi-Fi connections and the researchers were successful in connecting to a Wi-Fi account on approximately 20,000 of those connections. This means that unknown users of the Internet can not only poke around on your home network, but can use it to download many things including illegally shared music and films.
The Digital Economy Act is intended to legally ensures that those who engage in downloading of illegally file shared materials are tracked down. The majority of those people will be caught by the monitoring the IP addresses, or the physical Internet location of the network on which the downloading took place. If Wi-Fi networks are easy to access, then there is nothing stopping people from downloading music or films on these networks. In other words, your own Wi-Fi network could be used for downloading illegal files and you would be liable for the damages or your Internet connection could be terminated even though you didn’t do a thing.
So, if you use some basic password security and some common sense you can ensure that your personal information and your home Wi-Fi network isn’t as vulnerable - because, as the Telegraph report demonstrates, even though it's not your fault, you're better off protecting yourself. You don't have to encrypt your letters or your phone calls, so you shouldn't have to encrypt your online life - but I hope the above shows just why you'd nevertheless be better off doing so.
It's a bit of a bind, but it is best to change your password frequently.
I will look, with interest, if anyone more knowledgeable than myself can give more useful tips.
Posted by: Andrew Ampers Taylor | 14/10/2010 at 01:50 PM
Um, did CPP read the Computer Misuse Act 1990 before doing this? Because to me this sounds like a section 1, Unauthorised use of a computer system...
Posted by: Silverback | 14/10/2010 at 03:27 PM
It actually has little to do with password security on a Wi-Fi connection. Its all down to the encryption protocol employed: be it WEP, WPA or WPA2.
WEP can be cracked in a couple of seconds, no matter how good the password. WPA is better, but wi-fi networks need to be secured with WPA2 encryption.
Posted by: Chris Hampsheir | 14/10/2010 at 03:32 PM
Did you know wifi is on the same frequency as a microwave oven.? Oh yes. if you took a screw driver and removed the magnetron it would wipe out all wifi for about 700 feet, put an antennae on it and it would do a lot more. connect it to a dish and you could target it at a system 15 miles away. This information is for educational purposes only.
Posted by: forks | 14/10/2010 at 05:09 PM
You can also set your WiFi network not to broadcast its name to the world. In our house you have to type in the name of the network as well as your password, and you still can't connect unless it recognises your machine's Mac number.
Posted by: Firebird | 14/10/2010 at 05:24 PM
Well would you Adam and Eve it.
Google their son's names (just the famous two).
This information is for educational purposes.
Posted by: Purlieu | 14/10/2010 at 05:34 PM
This is hardly 'news', it's been known about for a long time. Perhaps the Telegraph were hoping to stretch out the Chile Miners story and found that they all got out too quickly.
Posted by: Gordon861 | 14/10/2010 at 05:51 PM
perhaps the El presidenti of Chile was scamming us all.
http://uploadpic.org/storage/originals/sdufrjjjs9249res22fs32ju2s.jpg
Posted by: forks | 14/10/2010 at 06:04 PM
A (not very techno-knowledgable, not at all security conscious) friend of mine got up early one Sunday morning to find a guy perched on a fishing stool, leaning on his front wall, with a laptop, surfing via his wi-fi. Doh !
Posted by: vervet | 14/10/2010 at 06:21 PM
A couple of points--
You're only in danger of having people get your credit card details and other computer information if your computer has no password. If they get onto your network that's all they get.
Second, hiding your network is a false security, a lot likemandatory net filtering proposed here in Australia
http://www.gizmodo.com.au/2010/09/is-hiding-your-wireless-ssid-really-more-secure/
Posted by: Lisa | 14/10/2010 at 10:59 PM
Home network security is a bit of a red-herring - it is the PC security that is key. ISP's want you to secure your network so that it doesn't impact their sales. Leaving your network open puts you in the same position as when you use hotspots at (take your pick) Starbucks, McDonalds, hotels etc...
Granted home network security is another layer of protection against hacking - but the attacker would need to be very close to your home and except for the large urban areas this is in practice not a danger that most of us would normally face.
Posted by: Mark | 15/10/2010 at 06:59 PM
Mine is set up with WPA2 with a 20 digit random PSK. There is also MAC address security. Anyone who can hack that is welcome to try, and fill their boots!
Posted by: Scott Wichall | 29/10/2010 at 01:32 PM