Story image

US students hack school WiFi network

09 Apr 2019

Two high school students in the United States were arrested for allegedly hacking their school’s WiFi network to avoid taking a test, proving that education institutions still have work to do when it comes to securing their networks.

According to a report from CBS, two 14-year-olds apparently hired a private company to hack and disable the school’s WiFi over several days in March this year. As a result, teachers were unable to conduct tests or lessons that depended on internet access.

The students are now facing charges including ‘conspiracy to commit computer criminal activity’, and ‘computer criminal activity’.

“Our Wi-Fi connection was compromised over the past week. We have determined that two students may have been involved in the disruption of our system,” Secaucus School superintendent Jennifer Montesano said in a statement.

According to security certificate issuer DigiCert, there are a number of ways to strengthen WiFi networks:

1.    Use sophisticated passwords

Like all passwords, the WPA2 password used to secure wireless networks should be long and sophisticated enough to foil hackers attempting to “aircrack” passwords. Personal names, simple dictionary words, or easily guessed numbers should be avoided.

2.    Change the default WiFi admin username and password

The easy first step to improved security is to change the default username and password. Since most routers don’t require a physical connection to log into the admin interface, eliminating this vulnerability removes the lowest hanging fruit available to hackers.

3.    Use the latest WiFi encryption

If hardware can only support WEP or WPA encryption, look at replacing it. The Wi-Fi Alliance strongly recommends the uniform adoption of WPA2. Cutting-edge encryption has been proven to be secure against even the most committed attackers if it is properly implemented. Enterprise environment managers should use the additional protection afforded by dedicated digital certificates.

4.    Encrypt WiFi router admin pages

Secure administrative login pages with a digital certificate for WiFi. The self-signed certificates that come pre-installed on some routers are publicly untrusted, easy to duplicate, and vulnerable to Man-In-The-Middle (MITM) attacks. SSL Certificates from trusted Certificate Authorities will ensure that all of communication via WiFi remains secure and private. If the router doesn’t cover digital certificates in the quick start guide, look for instructions on the manufacturer’s support website.

5.    Update the WiFi router firmware frequently

Research shows that up to 80% of routers ship with severe security vulnerabilities. Part of the reason for this is the obsolete firmware that is included and automatic updates that are turned off by default. Like other aspects of a network, timely updates are an essential part of any security plan. Ignoring the firmware updates will ensure that network security will fall further and further behind as new exploits are devised by hackers.

6.    Consider locking down MAC addresses

While this may not be practical in larger networks, admins on smaller networks can lock down MAC addresses to have a high level of control. Wireless routers and Access Points rely on access control methods like MAC (Media Access Control) address filtering to prohibit network requests from potential attackers. 
Every WiFi-enabled device is assigned a unique MAC or physical address and maintains a list of devices that can connect to them. Admins can manually input addresses to designate exactly who can connect to a network, although be aware that there are tools that allow attackers to fake MAC addresses.

7.    Train users not to auto-connect

Employees might be tempted to set their devices up to auto-connect to any WiFi signal it encounters. This is especially dangerous in situations where it would otherwise obvious to users that it would be unwise to check their email, due to the possibility of a nearby hacker sniffing the network, but their device connects without asking for permission. Another danger comes in the form of hotspots created specifically by hackers with the sole goal of hacking into connected devices.

8.    Use always-on SSL

The same reasons recommendations to use HTTPS everywhere throughout on a  website apply equally to WiFi. Accessing an account on an encrypted page and then continuing to interact with the site via unencrypted pages leaves the user vulnerable to session sidejacking.

Tech Data to distribute Nutanix backup solution in A/NZ
Tech Data will distribute HYCU Data Protection for Nutanix backup and recovery software to their network of partners across Australia and New Zealand.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.