GCN LAB IMPRESSIONS
Don’t get raided by a SWAT team; secure your wireless hub
- By John Breeden II
- Jul 03, 2012
There are many risks in setting up an unsecured wireless hub, from losing bandwidth when unauthorized people connect to having files snooped and removed from your network. But having heavily armed police officers toss grenades into your house probably isn’t a consequence that comes to mind.
One couple unlucky enough to live in Evansville, Indiana, where the police could become poster-children for overreaction, found out otherwise. Their “crime” was one that probably half the people in this county have committed.
They bought a wireless access point from a store, took it out of the box and turned it on. Pretty soon they could have been watching “Game of Thrones” on their laptops and playing “Words With Friends” on their iPhones.
But they also had unknowingly opened up their network, and their lives, to the outside world.
How to secure your ‘Ethernet port in the parking lot’
Someone — police still don’t know who it was — used their wireless signal to post a threatening message on a chat board, warning of violence against police. That prompted a fully armed SWAT team from the Evansville Police Department to roar to their home. It was apparently an emergency, yet the police had time to invite a TV news crew to come along for the ride to film their heroic actions.
When they arrived at the home, they saw a clearly unarmed woman sitting on the sofa watching TV. The front door was open, with just an unlocked screen door between them and the suspect. So the Evansville PD thought the best course of action was to shatter a window, break down the unlocked door, and toss two stun grenades into the house.
Then amid chants of “go…go…go” they rushed in, automatic rifles at the ready. But instead of finding a terrorist, they just scared the wits out of an 18-year-old woman and took her and her boyfriend into custody. They were later released without charges, and the city agreed to pay for all damages relating to the raid.
While the police might have acted poorly in this case, some of the blame -- not in a criminal sense -- does rest with the homeowners. A threat was made via their network, which they failed to secure. In addition to this type of situation, I’ve heard that child pornographers also drive around looking for a house with unsecured wireless access to use to download their digital prey.
It’s better to lock down your wireless signals and avoid any hassle. And it’s so easy to do these days. Almost any new router you buy will allow changing the Service Set Identifier (SSID) and default password as the most basic level of control. You need to do two things.
First, change the SSID, which is the name the device broadcasts to the world. No need to let people know what kind of device you have, as this is mostly always part of the name. You can also choose to cloak the network ID, although then you will have to remember the name and manually enter that for each device you want to connect.
Second, you need to change your network key, which is a fancy way of saying change your password. In the old days, most wireless APs from any company used the same default password for every device. One well-known company used to use “tsunami,” for example. So be sure to change it, or add one if your device comes in default open network mode, something that thankfully is becoming pretty rare.
Due to a terrible storm that hit the area where I live, I ended up losing my old wireless hub despite all the protections I could give it. I went out and bought a new one from Netgear, just a basic model that costs less than $40, and was pleased to find that it came with WEP encryption by default.
Even better, the default SSID and password were both randomized. So my password was something like “elegantgazelle091” printed right on the bottom of the device. My SSID was somewhat random, though it used the name Netgear. Still, that means that if I just plugged it in and went about my business, I would be more protected than those poor people in Evansville. So it’s nice to see companies getting more serous about wireless security.
Of course, I changed both of the default names on my wireless, but I happen to be allergic to grenades. If you are, too, take my advice and don’t leave yourself vulnerable to a wireless intrusion, or by extension, a police action.