At least 20 per cent of the Wi-Fi networks used in Australian homes can be hacked using easy-to-obtain technology, experts say.
"The most a user can do is make sure the password is strong, but even then 'password security' is a fallacy," a researcher told the Sydney Morning Herald.
Technology blogger and commentator Stilgherrian agrees, noting that older WEP (Wired Equivalent Protection) systems were not properly secure.
"If your Wi-Fi is not secured, the Wi-Fi signal is not encrypted, so anyone can sit there with a receiver and record all your information," he told SBS.
"The WEP password technique is no longer adequate - if someone wants to crack the password for your WEP it'll take him about ten minutes," Stilgherrian says.
Data theft is not the only possible problem. Criminals can use other people's Wi-Fi to access child pornography or commit fraud.
Consumers who have older modems may not realise they rely on easily-crackable WEP software.
Newer encryption techniques Wired Point of Access (WPA) and WPA 2 are more secure, he adds, but even so they are vulnerable to 'brute force attack'.
"WPA is actually pretty good, but it's always a matter of time," says Chris Gatford of HackLabs - a so-called 'ethical hacking' firm that tests banks' and other big companies' security.
"But if you make the time required to crack into the network onerous, then you'll discourage hackers," he adds, stressing that most are opportunistic.
Applications - and even a readily-available device - that bombard secured Wi-Fi networks with password attempts until they penetrate them have existed for years.
"(The device) even comes in a nice box with a cartoon on it," Mr Gatford says.
"I don't think people are spending a lot of time cracking wireless networks to get into big corporations - they're finding easier ways," says Mr Gatford.
And many Wi-Fi users in urban areas have 'learnt their lesson the hard way', he adds.
"Ten years ago you couldn't throw a stone without hitting an unsecured network," he says.
He agreed with the figure quoted in the SMH - 20 per cent - but said that was very low.
"It's probably not even that high in metropolitan areas because people have had problems with other people stealing Wi-Fi," he says.
Queensland Police recently began a 'war-driving' campaign to seek out unsecured or poorly-secured networks. They do this by driving around driving around neighbourhoods with a laptop computer, the SMH reported.
CONSUMERS 'UNAWARE OF DANGER'
The average person who had bought a modem with WEP was unlikely to realise it was outdated and no longer safe to use, because it would still be working perfectly, Stilgherrian says.
"They look at the technology and thinks if it's not broken don't fix it. The problem is, it doesn't look broken," says Stilgherrian.
"Is it working to defend your data against hackers? That's not something you can see until it's too late," he says.
The responsibility may lie with manufacturers to remind customers to upgrade their system, Mr Gatford adds.
"They can easily send a reminder to users to say have you done X, Y or Z," he says.
However, RMIT researcher Dr Mark Gregory said manufacturers should also be made responsible for keeping up with protection systems.
"If a system timed out after a number of password failures, that would be enough to deter most would-be hackers," he told the SMH.
"Unfortunately manufacturers have been a bit lax," he added.
BigPond, Thomson and Speedtouch were three modem types that had been shown to be most vulnerable to a specific hacking tool that was easily available, the SMH reported.
SBS contacted BigPond for comment, but had not received a reply at the time of publication.
Share
