Oct 15, 2010 15:34 GMT  ·  By

An ethical hacking experiment revealed that almost half of home wireless networks in UK can be compromised in a matter of seconds with freely available tools.

The test was performed by Jason Hart, senior vice president of CRYPTOCard, who drove around the main arterial routes of Bristol, Cardiff, London, Birmingham and Manchester with regular wardriving equipment.

Wardriving is the practice of scanning and recording the properties of wireless networks while in a moving vehicle in order to build maps of vulnerable access points.

The study was commission by life assistance solutions provider CPP and uncovered a number of nearly 40,000 high-risk wireless networks, that malicious hackers could target at any time.

Almost a quarter of all identified Wi-Fi networks had no associated password. This is usually an indication of home routers left with default configurations.

Many others used WEP, a security protocol that has been deemed insecure for years and can be cracked in a matter of seconds.

Even WPA (not WPA2), a strengthened version of WEP, is known to be vulnerable. While attacks can take a lot longer, a determined hacker can successfully penetrate WPA-protected networks.

The main problem with wireless networks, especial home ones, which people wronfully trust by default, is that they allow easy interception of traffic.

Sitting on the same wireless network as a victim, a hacker can intercept login credentials or other sensitive data and can even send back rogue responses (man-in-the-middle attacks).

"With the growth in the number of smartphones and wireless networks, it has become far easier for hackers to crack usernames and passwords, allowing them access to emails, social networks, and online banking sites and even to assume the online identity of their victim.

"It's vital that both businesses and individuals think very carefully about network security and what information they provide when going online," said Jason Hart.

If you own a wireless network, make sure that its security setting is set to WPA2 with AES. Also if not too inconvenient, configure it not to advertise its SSID (name) publicly.

Please note that if you choose to do the latter, you'll need to manually configure the wireless connection on the clients and input the SSID yourself.

Filtering the MAC addresses (physical network device identifiers) allowed to connect to the network, is also a good idea.

When you're connecting through public wireless networks, makes sure that all traffic going out of your computer is encrypted.

If you're logging into websites, makes sure you do it over HTTPS. Most popular websites have HTTPS (SSL) versions, that can be usually usually reached by typing the address with https:// in front.

A Firefox extension called HTTPS Everywhere can force this automatically for major services like Gmail, Twitter, Facebook, Wikipedia, Amazon and others.

Also, if you're using a local email client (Thunderbird, Outlook) make sure your connection to the mail server is secure (TLS). The same is recommended for chat clients that support it.