According to Robert McMillan, McAfee says that your home wifi may be part of the next wave of targets by malicious hackers. Along with attacks on infrastructure services like DNS and municipal wifi, your home wifi will become another venue for attackers. Not the most heartening of thoughts if you're an end user and you're already a bit overwhelmed by all the security warnings out there.
The average end user can't do all that much when it comes to infrastructure attacks against services like DNS. They can keep their systems patched and hope their upstream provider does the same. And the same can probably be said of most systems administrators as well: keep patched. But the real damage control on this sort of attack is going to have to come at a higher level than the average user will understand or care about.
On the other hand, attacks on municipal wifi and open hotspots are something every user should be aware of and take precautions against. The standard disclaimers of 'be careful where you connect' and 'never do sensitive business over free wifi' still apply, but there's more to worry about than ever. A man-in-the-middle attack, where an attacker's AP pretends to be a valid AP but records traffic or modifies it slightly, could be used to capture the traffic an entire downtown area. Even using a site over SSL might not be enough if the attacker is ready for it. The only good news is that there haven't been any recorded examples of a successful attack like this being carried out. It doesn't mean it hasn't happened, just that we haven't caught anyone at it.
I have to agree with McAfee that the home wifi will become one of the next big targets, since many users don't know enough to set up their networks properly. Especially in urban settings where the density of personal AP's is enough to make being physically close to AP's less of a problem. As everything from your gaming system to your new computer entertainment center become endpoints of your wireless network, it makes the attack surface for hackers that much larger.
Using Cobia to segregate your wifi access point at home will help, as will being cautious when connecting to any open access point and using the best encryption possible on your home network. But these are thing's we should be doing anyways. And in all likelihood, if you're already acting in a secure manner, none of these new threats will require you to change the way you act. The people who are going to be in danger are the ones who already connect to any hotspot without a second thought and never thought about using encryption on their home wifi network.
Comments