Connecting to Wi-Fi has always had the potential to leave internet users open to security attacks that could jeopardise the security of sensitive information. Now, new research indicates that the authentication system used in the majority of wireless connections, both home and business, is susceptible to a security breach that allows hackers to intercept personal data shared between devices and networks.
Hackers can take advantage of the network’s inability to discern a regular device user from a hacker imitating someone else’s device. When connecting to a network, the system generates a random nonce number sequence which allows the device user and the network to communicate in a confidential ‘handshake’. However, hackers can reuse this session key to ‘listen in’ on the data being exchanged between the user and the network.
Both Google and Microsoft have responded by releasing update patches to protect internet users, but many router manufacturers are yet to react. Although there is no direct evidence so far that the fault in the system has been exploited by hackers, this threat of a security breach highlights a more serious issue in internet use today.
These security flaws are symptomatic of a world in which there is an increasing division between the ‘tech-laity’ and the computer coders. The majority of people who browse the internet and connect to networks do so without the slightest knowledge of how the data-exchange infrastructure works.
We can no longer browse the internet and use devices with the naivety and blind trust we have enjoyed in the past. It is curious that only now, in 2017, has an issue like this found popularity in current news. In reality, the lack of security in networks has been present for over two decades. Gone are the days of WEP and WPA password encryption: they can now be hacked in a matter of minutes. Instead, the more secure WPA2 encryption remains the industry standard.
But no network is unhackable, and this recent discovery serves as a stark reminder that the internet is not as safe as we consumers believe.
Tech companies have been quick to respond, encouraging users that these threats are over-hyped and as of yet no data has been maliciously intercepted. However, most internet users have no way of gaining complete assurance on this matter; they simply lack the skills to verify it.
In fear of hacking, many look toward the government as a source of cyber-regulation. Indeed, Theresa May proposed a new internet security manifesto in which the government would attempt to gain sovereignty over the web and restrict the presence of ‘safe-spaces’ of communication online, mainly to target terrorism.
However, these plans have come under scrutiny as ineffectual, as current government shields can be overpowered by any 10-year-old with an iPhone and a VPN in a matter of seconds. Additionally, this ‘big brother’ supervision of internet use treads a fine line between protecting people and spying on them.
The cyber-anarchist voices of the early noughties remind us that the insecurity and unaccountability of networks represents the very nature of the internet. It is a part of today’s society which remains surprisingly unmoderated and uncontrolled in comparison to print media and other forms of socio-political expression.
It appears that when it comes to internet security, there must be further emphasis on taking personal precautions. The government will never, and should never, have control over the internet in such an overbearing way.
Image: Michael Black