Cybercrime is on the rise around the world, driven by global connectivity and the increasing use and reliance on cloud services.
Online users have more access to digital services than ever before, and connectivity is a key to accessing these digital services. Whether it’s connecting to your home network, your company’s network or a public WiFi network, there are potential threats whenever you connect a device to that network if sufficient security protocols are not in place.
From credit card fraud to massive corporate data breaches, cyberattacks on networks are increasing, however, there are measures that businesses and individuals can take to protect their network.
Network security keys are digital measures that help to protect internet users when they are online and, in this post, we are going to take a deeper dive into the different types of network security key, the threats they help to prevent and the data they help to protect.
We have written extensively about the growth of cybersecurity threats as well as discussing some of the new methods cybersecurity specialists are deploying to combat the growing sophistication of cyberattacks, including the use of artificial intelligence and machine learning and data mining techniques. Whilst your network security key is a more basic cybersecurity method, it is no less important as a first line of defence against cybercriminals trying to access your network and all the devices connected to that network.
What is a network security key?
Before we dig into the benefits of network security keys, it is important to understand what a network security key is and what is its purpose.
At its most basic level, a network security key is a password or code that is needed to access a local area network (LAN). A network security key also facilitates a secure connection between the requesting client and the serving network or wireless device like routers etc. This protects a network and devices from unwanted access.
Many of us will already be familiar with a network security key at home – it’s how we access our personal WiFi network at home and the network security key allows us to establish a secure connection as well as prevent unwanted access to our home networks.
Every secured network will have a network security key, however not every network uses the same level of security or type of key.
The two different types of network security key
There are two main types of network security key and each one has its own benefits. The two main types of network security key include:
WEP (Wired Equivalent Privacy)
According to a 2016 report by Kaspersky, WEP is “being relegated to oblivion everywhere”. In a survey of almost 32 million WiFi hotspots around the world, they found that only 3.1% of those networks were using WEP as the network security key.
The report goes on to say, “The protocol was the first to be created, quite a long time ago, and is now completely unreliable – it would take hackers just a few minutes to crack it. From a data security point of view, using WEP is not much different from using open networks.”
With WEP keys, the same encrypted message is provided in every connection, meaning that everyone with access to the same key on a given network has access to each other’s information.
WPA/WPA2/WPA3 (WiFi Protected Access)
WPA and WPA2 are more secure network security keys than WEP. A WPA comes with a password/passphrase that you can obtain from the network’s owner. If you have a Wi-Fi router at home, the password that you sometimes see printed on the side of it is the WPA key.
WPA was an upgrade on WEP, concealing a user’s information from others on the same network, as well as using authentication codes to ensure that information sent across the network is more secure.
WPA2 was a further upgrade on WPA, using a stronger encryption method called AES (Advanced Encryption Standard). AES works by using block ciphers to encrypt and decrypt data.
According to Kaspersky’s research, around three-quarters of all access points use encryption based on the WPA protocol family.
Whilst WPA security keys are far more secure than WEP or WiFi networks with no encryption at all, it should be noted that they are not immune to cyberattacks. The effort required to hack WPA depends on the settings, including the complexity of the password set by the hotspot owner.
As you might expect, WPA3 is a further upgrade on WPA2, however, it is not yet as commonly deployed. WPA3 keys go a step further in terms of their authentication protocols. One of the potential security flaws of WPA2 keys, especially those with weak passwords, is the threat of brute-force dictionary attacks. WPA3 has tackled this threat and more, making it more difficult and time-consuming for hackers to access networks protected by WPA3.
Cybersecurity threats that network security keys protect against
A secure wireless network is often the first line of defence against cybercriminals and the primary benefit of a network security key is helping to keep digital users’ information safe.
In a document published by the Cybersecurity and Infrastructure Security Agency (CISA) in the USA, an unsecured home or business network is susceptible to a wide range of threats including:
Piggybacking occurs when an individual connects to an unprotected or poorly protected wireless network within close proximity. People that live in high-density areas, particularly in apartments or flats, are susceptible to this type of attack, with people living in close range able to access your network and compromise your personal information or even attack the network itself. These users may be able to conduct illegal activity, monitor and capture your web traffic, or steal personal files. If you can, set up alerts to show which devices are connected to your network.
Wardriving is a more targeted type of piggybacking. The broadcast range of a wireless access point can make internet connections available outside your home, even as far away as your street. Cybercriminals can be found driving through cities and neighbourhoods with a wireless-equipped computer—sometimes with a powerful antenna—searching for unsecured wireless networks. This practice is known as “wardriving.”
Evil Twin Attacks
As the name suggests, an evil twin attack involves setting up a false network that closely resembles a legitimate one. This would typically be done on public WiFi networks – at cafes or airports for example – and the “twin” network would have very similar protocols to the legitimate network, making it difficult for users to identify which one is genuine. Once connected to the false network, a user’s data is quickly compromised, and personal information can be potentially accessed and used for criminal activity. Always confirm the name and password of a public WiFi hotspot prior to use. This will ensure you are connecting to a trusted access point.
Many public access points are not secured and the traffic they carry is not encrypted. This can put your sensitive communications or transactions at risk. Because your connection is being transmitted “in the clear,” malicious actors could use sniffing tools to obtain sensitive information such as passwords or credit card numbers. Ensure that all the access points you connect to use at least WPA2 encryption.
Unauthorised Computer Access
An unsecured public wireless network combined with unsecured file-sharing could allow a malicious user to access any directories and files you have unintentionally made available for sharing. Ensure that when you connect your devices to public networks, you deny sharing files and folders. Only allow sharing on recognised home networks and only while it is necessary to share items. When not needed, ensure that file sharing is disabled. This will help prevent an unknown attacker from accessing your device’s files.
In public areas, malicious actors can simply glance over your shoulder as you type. By simply watching you, they can steal sensitive or personal information. Screen protectors that prevent shoulder-surfers from seeing your device screen can be purchased for little money. For smaller devices, such as phones, be cognisant of your surroundings while viewing sensitive information or entering passwords.
Benefits of a network security key
Whether you are an individual looking to improve your home cybersecurity, a small business looking to provide the service of free WiFi for customers without compromising security or a large enterprise fighting cybercrime, a network security key is a valuable tool and one of the first lines of defence against cyberattacks.
Some of the key benefits of a network security key include:
Keep networks safe from cybercriminals
The primary benefit of network security keys is their ability to thwart cybercriminals from accessing your network. Over the years, network security keys have become more sophisticated in an attempt to keep up with an ever-evolving cybercrime landscape. WPA3 is the most secure key for protecting your network, however, WPA2 is still the most common as WPA3 is not always detected by WiFi devices and many still only support WPA2.
Network security keys are not unbreakable, however, they do provide a very robust first line of defence for your network.
Protecting users’ identities and information
Cybercriminals are often looking to compromise a network to gain access to personal information stored within a network or transmitted over a network. Without a network security key in place, cybercriminals can gain access to information such as passwords, financial information, sensitive documents, and personal information such as phone numbers and addresses.
On a secure network, the use of keys, protocols and encryptions standards help to keep that information safe and secure.
A network security key is an essential element of any cybersecurity strategy and should be deployed by individuals, small business owners and large enterprises to help to keep networks secure.