Shawn Y. is a computer hacker… but he is one of the good guys.
Each year his company tests hundreds of other businesses to see if their internet security is up to par.
Last year, Shawn was conducting a penetration test on a private equity company.
The task was to go to the company’s office and test their internet security from the lobby.
At first, Shawn tried to gain access to the Wi-Fi network by guessing the password. After many attempts, he realized this was not going to work.
Next, he scanned guest Wi-Fi networks, but again, he had no luck in gaining access.
As he was sitting in the lobby Shawn noticed there was a tablet at the front desk.
It was used by customers to contact an employee they had a meeting with, similar to a check-in list you would write your name on when going to the doctor’s office.
But the tablet had not been secured, so there was no limit to what a user could do on the tablet.
Shawn used the tablet to enable Wi-Fi sharing, then shared the Wi-Fi with his phone and laptop.
This feature is common among many devices.
For example, say you have a family member over at your house and they want to use your Wi-Fi.
Instead of telling them the password you can use a feature on your device to share the Wi-Fi with them.
Once Shawn had access to the company’s Wi-Fi, he was able to use credentials found on another network to log into the administrator accounts for the Wi-Fi.
In short order, he had complete access and control of the entire Wi-Fi network.
He was able to do all of this because the company failed to secure a single tablet they put in the lobby for customers to use.
Thankfully, as I mentioned, Sean is one of the good guys, hired to do this test. So, he helped the company shore-up this security breach.
And with cyber-attacks occurring all the time, more companies are turning to penetration testing.
The idea is that an approved hacker will carry out a cyber-attack to uncover security vulnerabilities.
If your employer hasn’t done this, it is something they should consider.
Even more, you should consider testing your home network for gaps.
To that end, here are a few things you can do on a much smaller scale to penetration test your home internet network.
Here are a few simple things you can do to test the security you have in place.
Passwords:
One thing you can do is ask your friends or family to try to log in to your Wi-Fi and guess your credentials.
For example, the person would have to figure out your Wi-Fi name before they even tried to guess the password.
If your network is your name this will be a giveaway, so your network should be something that even the people closest to you wouldn’t know
The same goes for the password.
Next time someone comes over and asks for the Wi-Fi password tell them to give it a guess. If they know you, they might make some educated guesses.
See if anyone can do it. It’s simple, but an effective way to gauge your password strength.
Change your router admin:
The internet router is the central hub for your internet connection. This makes it a huge target for hackers, and it’s why it’s so important to keep it secure.
First, make sure your router is using WPA2 for your Wi-Fi key. If your router is newer, it should be using this.
Next, log into your Wi-Fi with the password you always use.
Once you are on the network try to log into the administrative controls of the router itself.
These days most routers come with random passwords.
But when you set up the main password to access your Wi-Fi you may have changed the password for admin controls as well.
You want to make sure the passwords are very different.
Because on the off chance a hacker can guess your Wi-Fi password, you don’t want to make it easy for them to get admin access of your router.
Change the router name:
If you live close to your neighbors and you look up nearby Wi-Fi, you will see many different networks or SSID names.
By default, your router broadcasts a name that gives away what model it is.
So, one router’s name might be LinkSysAC2200. Which tells a hacker the person is using a LinkSys model AC2200 router.
This makes it a lot easier to hack into since the hacker would know the exact model and they would just need to figure out the security weaknesses of it.
As you look at nearby Wi-Fi networks, look for your network name.
If it is the default name, change it to something unique.
Again, you want to name it something that doesn’t connect it to you or your home, so don’t use your name or any identifying words.
There are many different ways that hackers could target you, but the most common way they will gain private data is by accessing your router.
However, by performing a few simple tests you can make sure that your router is secure and not an easy target for hackers.
