Last updated on May 8th, 2020 at 07:04 am.

A small business cyber attack can happen over the internet and happen locally. Your wireless access password needs all the help it can get.

If an attacker were to drive by your house OR workplace, they can snoop in on what is going through your wireless network, meaning that devices like your laptop, wireless-connected desktop pc, tablets, or phones can be spied upon, manipulated, or broken into, even if your wireless network is “hidden”.

Because of this ease of physical access, wireless signals may be easier to hack and get into your network and snoop/hack around for your passwords, etc., instead of just directly attacking the businesses that hold your accounts online.

Many households and workplaces (hopefully) secure their wireless internet connections with WPA2 PSK or AES encryption, the best consumer encryption that nearly all modern wireless-routers use.

Home and Workplace Security Architecture Risk Assessment

To address your local troubles, your wireless access passphrase (often called a password) that is used for your business communications could be at fault for letting cyber attackers unfettered access to your network. And with that network access, all your computer and device assets can be used to launch other cyber attacks against other people and business, not to mention snoop on your (banking, private, and sensitive business) activities.

Your wireless devices use the passphrase that you initially give it to get onto your computer network to access it’s resources, including the internet. It’s this passphrase that needs to be incredibly strong, not only for customers not to access your private business network, but for passing cyber attackers “war-walking” or “war-driving” past your business. These common hacker terms generally mean “the act of locating and possibly exploiting connections to wireless local area networks via…”, you guessed it, walking around or driving around (your place of business).

small business cyber attacks target wireless
A common wireless access point purely used for wireless access, different from a wireless modem which acts as a router and includes other services.

Oh, and don’t rely on trying to make your wireless network “hidden.” It’s unlikely that you’ll stop an attacker from knowing that your wireless network exists. While you can turn off your broadcast signal that shows the name of your network, a freely available wireless sniffing software still can “see” your private network’s data flying back and forth between devices, computers, and the wireless router or access point. Though not broadcasted for all to see, your network name (ID) is embedded in each piece of data transmitted; How else would your equipment be able to differentiate between your network and other networks?

Wireless signals can be ‘captured’ and an attacker can use one or many computers to make millions of guesses a second to break your password. The next best thing to do is secure it with a very long (20 to 64 characters), easy for you to remember passphrase. The longer the password is and sprinkled with unusual characters like ‘!@#$%^&*()’, the better- it can make the difference from a few days for a computer to crack to hundreds of thousands of years for a computer to crack.

And yes, we do use 20-35 character passphrases here for our networks, which should be more than enough to prevent cracking or guessing. It helps prevent these kinds of small business cyber attacks.

Wireless routers don’t always have antenna’s attached that you can see- they may be internal.

Here is a guide made to generally help you change your password. You’ll find that while you change your passphrase, you can also select the type of encryption to use, which is at least WPA2. Occasionally you’ll see WPA2-PSK or WPA2-AES, of which both are fine, though AES is considered stronger.

… wait, but what about WPA3 which was announced in 2018? We’ll if you see that your device supports WPA3, use it! Theoretically easier connections, better protection against brute force attacks, passive encryption even on open “non-encrypted” WIFI networks from your devices to the wi-fi routers, and more. Short answer is, use the newest WPA-“X” technology you can if your devices or computers can handle it- not everything has this ability yet.

Bonus: Here is an article talking about how long your wireless password will last.

Update: Relatively recent weaknesses in the WPA2 protocol have been discovered. Be sure to update all your devices and computers that have applicable updates to their newest versions. If you’d like more information on this weakness that affects everyone’s devices and computers with WiFi capabilities, read on here.

Please don’t ignore this simple fix in your security to defend against these small business cyber attacks. Not having your wireless network secured is an excellent way for a cyber attacker to get into your network. Make it harder by having a great password set with the modern encryption settings!

Save time & money in fixing and managing many small business cyber security issues with our step-by-step cyber security management software. Your business will be more resiliant to cyber attacks and your customers would take notice.



Comments and questions below are viewable and open to members only.