Tip of the Week: How to Keep Your Wi-Fi Router From Spying on You

You may be aware of the risks associated with utilizing Wi-Fi, like a potential hack attack. However, you may not know about a new risk where the Wi-Fi signals may be remotely checked for distortion in order to track human motion as they move through the signal.

It may sound like science fiction, but this is not the case. Numerous groups around the world have devoted research and development hours into refining systems that may be used to identify people in proximity of a Wi-Fi router based on how their body alters the signal. These researchers have used this method to successfully identify individuals based on gait, correctly identify letters written out in the air, and have even managed to read the lips of someone as they spoke.

Other researchers created a system that–once it had “learned” the dimensions of particular individuals–could correctly identify someone passing by out of two options with a 95 percent success rate, and 89 percent if given six choices.

This technology has also been proven capable of identifying individuals through walls, monitoring vital functions with near-perfect accuracy, and almost perfectly recognizing a sentence as it was typed out on a keyboard – all with a regular, store-bought router and clever coding on the part of the researchers.

While this method is still too sensitive and advanced to be performed outside of lab conditions by anyone who has not been trained, it is best to prepare defenses before surveillance-based attacks are possible. It’s also not a bad idea to be sure that your router is secure, anyway, as traditional hacking attacks can still pull valuable information from your device, or co-opt it to carry out other illegal activities.

To ensure that your wireless network is secure:

n
1. Access your router by inputting your Gateway IP address into your web browser. To find your Gateway IP address in Windows, click Start, followed by Run and enter ‘cmd.’ Enter ‘ipconfig /all’ into the Command Prompt window and press Enter. Find the Gateway line, the associated number is the address.
2. Enable WPA encryption on the access point, using 128-bit or higher encryption. If available, use WPA2.
3. Set a router access password. Remember, best practices say that random strings of capitalized and lowercase letters and numbers are the most secure. Not all routers allow other characters to be used, but if they are, incorporate those as well.
4. Change your Service Set Identifier (SSID) to something other than the default. An unchanged SSID tells a hacker that the user of that particular router is inexperienced, and is generally just keeping the other default settings on their device as well–including the password.
5. Set your router to only accept devices with known MAC addresses. A MAC address is a unique code that each networking card has. If your router doesn’t recognize the MAC address as a known device, it will not connect it to the network. However, MAC addresses may be cloned by hackers, and so they should always supplement WPA2 encryption, not replace it.
6. Disable both remote login and wireless administrating. By doing so, you restrict when access to the router’s settings is possible, effectively disabling any chance of wireless hacking into the device.

Following these steps will help you to keep your wireless connection intruder-less, allowing you to maintain your privacy and network security. For other security tips, keep checking back to the Resolve I.T. blog.