Whether in public buildings, at your place of work, on the train, in the station, at home, whether for business or private purposes – nowadays, mobile devices allow you to go online just about anywhere and at any time. Frequently, and knowingly or unknowingly, a WLAN is used for this purpose. The abbreviation WLAN stands for Wireless Local Area Network.
- always act with a healthy dose of suspicion when using
an unknown WLAN.
- as far as possible, only ever connect using encrypted WLANs.
- not doing any of your e-banking via unprotected public wireless networks, and never send any confidential data across such networks as a matter of course
- employ strong encryption (WPA2) and a secure password with your access point.
The use of wireless technology enables WLANs to offer a comfortable option for connecting to the Internet, without having to waste any time considering bothersome cabling. Especially for mobile devices, e. g. tablets, it is often the only way of connecting to the Internet. But for smartphones, this type of connection is frequently switched on, too.
The use and operation of such wireless networks expose you to certain risks though, which you may not always be aware of.
Structure of a WLAN
The central component of a WLAN is the access point. This is the link connecting mobile terminals with the Internet or the network.
So that terminals can «see» the WLAN, the access point generally sends out its «name», the SSID (service set identifier).
When employing wireless transmission, this has the disadvantage that it is relatively easy to listen in to any data transferred. This is why the connection between mobile terminals and the access point should be encrypted. There are different encryption methods in existence which you can use.
Wired Equivalent Privacy was the first encryption key protocol employed by WLANs as standard. In the meantime, it is no longer considered safe and is relatively easy to hack. This is why you should no longer use it.
WiFi Protected Access has been developed from the WEP protocol. Improved security mechanisms provide better protection. For instance, the authentification of participants in the network has been improved, and a dynamic key was introduced for the purpose of transfers.
WPA2 builds on WPA, but employs the strong AES algorithm to encode the data transfer.
Whenever possible, you should only ever use WPA2 encryption with WLANs nowadays. The Preshared Key chosen, which could be called the «password» to the network, must be sufficiently strong. It should at least have 16 characters and all the characteristics of a strong password (see «Secure Password»).
Every network device, i.e. all mobile terminals as well, have a MAC address, which generally serves for their unique identification. Access points have an option to use a MAC filter. This means only «known» mobile devices with a known MAC address are allowed to access the network.
However, a device MAC address is not forgery-proof. With the right tools, a MAC address can be changed and the filter avoided. Still, the MAC filter option should always be used to place yet another obstacle in the way of any potential attacker.
Safe WLAN use
When using local wireless networks, you must ensure you observe the following points for in-creased security:
- Always act with a «healthy dose» of suspicion when using an unknown WLAN.
- As far as possible, only ever connect using (WAP2) encrypted WLANs.
- Don’t use any unprotected public wireless networks, e. g. «hotspots» in public places (towns, stations etc.) or hotels to do your e-banking or transfer any confidential data.
- If possible, deactivate the «automatic connect» function of your mobile device for all unknown and unprotected WLANs.
Safe WLAN operation
If you operate a WLAN yourself, you should observe the following points for your own security:
- Activate a strong encryption, at least WPA, even better WPA2, and make sure you choose a strong network key and password.
- Change the network SSID in case it contains personal data, e. g. your family name or information about the router, e. g. its type.
- Replace the factory-set router passwords with your own.
- Activate the MAC filter.
- If possible, reduce your WLAN router transmission power and switch it off if you no longer need your local wireless network.