If a Hacker wants in bad enough, they're getting in...
Wait, what? Really? Yes, really.
Now that being said, hackers really aren't all that interested in you specifically, what they are interested in however is an easy target, and that right there is what network security really boils down to.
The title statement, 'If a hacker wants in bad enough, they're getting in' is an undeniable truth. That's why hackers are consistently able to break into these major corporations that have been hacked recently, they want in – and believe me, Sony Corporation (and plenty of other recently hacked companies) have better network security than you do. The difference is what I said in the first sentence, 'the hackers aren't interested in you specifically'.
You are small beans, I am small beans. A hacker doesn't know what my net worth is likely any more than they know yours. They do however know that Sony Corporation, Paris Hilton, Justin Beiber, and other household names have money (or in some cases, information that would be valuable to tabloids, television, radio, etc.). So, as long as you aren't Justin Beiber, or Mariah Carey, etc. you're safe right? Sadly, that's still not true.
The thing about living in the digital age where everything is connected, and we all pretty much have WiFi radiating from our homes, offices, and home offices (your wired network is remarkably safe by comparison) is that while it is extremely unlikely that you specifically will be targeted because of who you are, it is entirely possible that you will be targeted by virtue of the fact that you make for an easy target.
I did some War Driving today, for those of you who don't know what that is it's basically driving around with a WiFi scanner and looking to see what you find. Now I don't go onto peoples networks when I do this, that would be illegal, but I do like to look for patterns in regards to the seriousness with which people take their wireless network security. Truth be told, it's pretty scary. Here are a couple things of note (and a couple suggestions) from my little drive, in no particular order.
- WEP encryption is laughably easy to break, switch to WPA2, if your router doesn't support WPA2 encryption it's time to buy a new router.
- Change the default network name (SSID) that your Router wants to use when you set it up. Hackers the world over know that they can go out and find people broadcasting; linksys, NETGEAR, default, belkin54, home, setup, tp-link, dlink, etc. SSID's and can prepare themselves to deal with those network names in advance (once they know the network name the only mystery is the password lol).
- Don't use your last name (ex. Martin-Home, or Martin-PC) that's barely better than the default SSID, especially if you have a common last name like; Jones, Martin, Smith, Walton.
WPA2-PSK (that's probably the flavor of WPA2 on your home router) has been cracked, but for the most part it's still pretty freaking secure, especially if you take the extra steps mentioned above, and a couple here to follow, to make yourself more trouble than it's worth for a hacker to bother with.
- My blog post 'The Importance of Strong Passwords' would be a good read for a lot of people (oh yeah self-promotion!).
- At a minimum create a password that conforms with the recommendations in that piece, for even more bang for your free advice buck, make that password at least 25 characters, and make it as random as you can (use KeePass to help you remember it, it installs easily on a thumb drive and can be with you always).
- While you're at it, use a long and random name for your SSID too, you can save that in KeePass as well.
- Change your SSID periodically.
Just like that, your wireless network is considerably more difficult to hack into.
In closing let's do a thought experiment to demonstrate the real world benefit behind these changes being suggested.
Imagine that you live in a cul-de-sac, around the outside of which are four homes (four houses in a cul-de-sac? must be a nice neighborhood!). A shady old 'black hat' hacker pulls up outside just after midnight with his laptop in his car and is all set up to brute-force attack someone's network. Will you look at that, someone has the network name NETGEAR, that's in the 'Rainbow Table'. Guess whose network is getting targeted tonight?
Now let's pretend everyone in the cul-de-sac has read and followed the advice found in Everyday IT, the hacker gets instead to have a choice of the following networks:
Guess who's driving to another neighborhood to try to find a victim.
See, the hackers really don't care about you, they care about easy targets, and it's really up to you the consumer to make your network more secure than the next guys. While it can be scary living in the digital age, with a little bit of knowledge, and a little bit extra time put in, you can make your network a whole lot safer from the dangers that come with the added convenience of information technology.