We’ve all tried being creative with our wi-fi names. And the intention – be it the subtle ‘Thou shall not covet thy neighbour’s wi-fi’ or the more direct ‘Get your own wi-fi fuckhead’ – is usually to discourage uninvited leechers from trying to access your network. All good – but what about the password? You didn’t seriously think that your message alone would be enough to discourage hackers and intruders, did you?
Because if you did, you might be leaving yourself open to hostile takeover by a ‘botnet’. On Friday last week, the Western world experienced a DDoS (Distributed Denial of Service) attack, which basically translates into flooding a single source with more server requests than it can handle, making it shut down. Although the attack didn’t do much damage, it shut down parts of the internet for quite a while. So what? That’s a minor inconvenience at best, right? Yes, but imagine this happening to the entirety of Internet. The scarier part though is that this attack was possible because a number of IoT (Internet of Things) devices were left open to takeover by a botnet (a vast network of IoT devices).
So if your wifi password is ‘password’ (so clever, sigh) or something like ‘qwerty123’, you might, in the best case scenario, lose some of your allotted data usage quota. In the worst case, you might be the cause of the next large scale attack.
WHAT IS A BOTNET?
While the term botnet is pretty benign, this form of hacking has another name that reflects its threat better – zombie army. A botnet is a collective of systems that are being used without their owners’ knowledge via remote access. It’s kind of like a simpler-version of Skynet from Terminator.
WHAT CAN YOU DO TO PROTECT YOURSELF
First step is stronger passwords. Apart from your wi-fi, protecting access to any device that gives you that option is necessary. But just the password isn’t enough. Steps that you need to take include upgrading to a WPA2 (Wi-fi Protected Access) security for your wi-fi. Disabling your WPS (Wi-fi Protected Setup) is also a good idea. The next step is to change the password of any IoT device that you own. But not so fast. To make sure this is effective, you need to reset the device to factory settings so that if the device is already captured by a botnet, the network wouldn’t know you’re changing your password. If you’re still feeling paranoid (though there’s no such thing as being too careful on the internet) you can also check if your network has access points outside your LAN (Local Area Network). You can locate open ports on your network through a number of websites such as this one.
Checked everything on the list? Now you can sleep easy, and thank us later if and when the zombie army comes for you.