Could hackers break into your Wi-Fi wireless router?

You just got a new wireless router for Christmas, but when you set it up it asks about wireless security. Do you want WEP, WPA, WPA2 or any of the other alphabet soup options they give? While it’s easiest to just pick the default setting, are you setting yourself up for trouble from aspiring hackers? And what about the new WPS hack tool – called Reaver – does that make things worse?

Increasingly, home networks use wireless to avoid poking holes in walls to route Cat5/6 cable and install jack faceplates. If you live in an apartment, condo, or other rental, modifications of this type may not endear you to the landlord. But with wireless routers widely available with good range that can reach through walls and doors, a modern wireless router can work well enough to reach around your whole house and allow anyone to connect.

But what if that “anyone” is someone driving down the street, anonymously using your connection to do who-knows-what, which might be attributed to you? There was recently an episode in Buffalo, NY where law enforcement broke in and accused a hapless (and startled) home occupant who’s wireless was being used by a neighbor to do nefarious acts without his knowledge.

Many people never set a password to protect their WiFi, after all it's just one more password to remember, right? And your neighbors aren’t THAT evil (you hope). On the other hand, if the neighbors use your internet, it could make everything slow down, and if they get malware, it can spread to computers in your house and leave some unwanted gifts which can be quite painful.

Let’s start with WEP (Wired Equivalent Privacy). WEP is a vast improvement over no password. Think of it like a car with at least the doors locked. The door locks might not be the ultimate in security, but lacking even basic door locks leaves you wide open to thieves, so it’s better than nothing. It will deter simplistic thieves as they may look for other easier opportunities. But if they wanted to crack it, WEP won’t give them much of a workout. Using modern tools, WEP can be cracked in a few minutes, and you’d have a mistaken sense of security that your home and network are protected. So let’s move up the security chain to something beefier that’s also an option on most modern routers, WPA.

WPA, short for Wi-Fi Protected Access, is tougher to crack. WPA2 was later added, making it even more difficult by toughening the encryption used on the traffic from your computer to the router. This makes it much more difficult for bad actors to intercept and trick your internet traffic into going places other than where you intend. If you have the choice, this is definitely an improvement over WEP, so use this at a minimum, preferably WPA2 if you have the option. Some routers also will give an option of TKIP vs. AES, use AES if you have the choice, it’s more secure.

But now, WPA is being cracked by a new tool released called Reaver, which allows cracking attempts on the WiFi Protected Setup (WPS), which is a tool on many newer wireless routers that allows a shorter passphrase to be entered, but also allows brute-force attacks to be much easier, since fewer characters would be required to crack. Since it affects many models of wireless router, manufacturers will be working on patches.

There’s no such thing as perfect security, it’s a game of cat-and-mouse. Exploits will always be a nuisance for network security folks, and the Reaver tool shows that network designers still have their work cut out for them to keep patches current. But while they’re busy finding solutions, WPA2 still remains a much more secure way to protect your home network than older methods, and it’s pretty simple to use. If scammers go looking for networks to crack and they see WPA2 in place on your router, chances are they’ll look elsewhere, like to your neighbor’s router that has no protection at all.

Author , ESET

  • Michael Safyan

    Many routers that support Wifi Protected Setup (WPS) allow it to be enabled or disabled. For such routers, simply disabling WPS in conjunction with using WPA2 is the best option.

  • alexios

    if my neighbour gets a virus, how my pc can get infected too?

    • David Harley

      An answer to that could run to book length. :) It’s certainly too long for a blog comment.

  • Saad

    Thank You. A Very Informative Article. :)

  • Cameron Camp

    @alexios: the really simplistic answer would be that malware often goes looking for other easy targets on the same network. If your neighbor is using your network, he would usually be on the same mini-network that your other home computers freely communicate on, which is less locked down by firewalls usually that a public internet. This means it's easier for your home computers to talk to each other, share files, share printers, etc. It's also easier for them to share malware with the neighbor's computer, unfortunately. But David's answer is more complete, in that there are probably 1000's of articles that do the subject more justice than I can in a couple sentences :)

  • Zoran Cuckovic

    I am using a weird name of my wirelles home network + WPA2-PSK / WPA-PSK with randomly generated Pre Shared key in the lengt of 30 characters (Capital letters , small letters , numbers and different special signs) + MAC address filters for allowed clients – all known clients by unique MAC address. I put setup of router's firewall at highest security level protection. Beside this precautions I am using ESET Smart Security 5 , with highest level setup protection. By my opinion there's no any hackers that could hack my wireless network. :-)

  • Unknown

    does ESET protects from hackers

    • David Harley

      ESET products offer some protection from many techniques used by hackers. It would be a bit presumptuous to claim to protect from all threats or even all types of threat.

Follow us

Copyright © 2017 ESET, All Rights Reserved.