Do Hidden SSIDs Work?
The logic makes sense: If it can’t be seen, it can’t be attacked. But that logic doesn’t always work with a wireless SSID.
Many businesses and individuals hide their SSIDs (SSID is short for Service Set Identifier) with the hope of eluding hackers. A prevailing theory in security has long held that if you cloak an SSID, hackers won’t know your network exists and thus can’t penetrate it.
Simply put, that theory is wrong. Cloaking your network isn’t as safe as you thought. Cloaking an SSID may buy you time, and even lull you into a false sense of security, but determined hackers will eventually locate your network. It’s easier than you think; they have the tools to do it.
KARMA Will Come and Get Your Device
The first thing to consider is that an SSID wasn’t created to be a security mechanism. An SSID is a network name and not a password. The SSID distinguishes your wireless network from others in the area. When a wireless device – laptop, smartphone or tablet – tries to connect to a Wireless Local-area Network (WLAN), it searches and listens for the beacon and probe frames that carry the available networks’ SSIDs.
But many businesses and homes cloak their networks. Businesses will tell employees the company SSID so they can connect their devices to the network (or an IT administrator configures access for them). But hackers aren’t fooled; they get help from your device.
Your laptop and smartphone send out probe requests that seek information about nearby WLANs as the device tries to find the access point it’s associated with. Hackers love this because the information exchange between the device and WLAN includes the SSID.
All a hacker needs is a bit of KARMA – a set of wireless sniffing and responding tools that discover devices and their preferred networks by listening to those probe requests and responding. KARMA tools capture probe conversations and display the SSID in plain sight. What’s most troubling is that many of the tools have special features that enable hackers to seek non-broadcast networks.
This is why you should be leery of using free Wi-Fi in coffee shops, libraries, stores and other places. A hacker can sit unnoticed in a free Wi-Fi zone looking for non-broadcast networks. Even if your device is not connecting to your WLAN – and even if the network is miles away – it still remembers the hidden SSID and sends out probe requests looking for it. The hacker simply needs to pretend to be that SSID to get access to your device before you even know it.
Similarly, a hacker can sit outside your business or home and use wireless sniffing tools to capture the many probe requests all around him.
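The disclosure described above can be checked against a capture taken from your own devices. This added example (not from the original article) parses raw 802.11 management frames, assumed to have no radiotap header, and reports which SSIDs clients name in directed probe requests while the access point's beacons stay blank; the sample frames, MAC addresses and the name CorpNet are constructed.

```python
PROBE_REQ, BEACON = 4, 8                      # 802.11 management subtypes
FIXED_BODY = {PROBE_REQ: 0, BEACON: 12}       # fixed bytes before tagged elements

def parse_mgmt(frame: bytes):
    """Return (subtype, transmitter MAC, SSID bytes), or None if not relevant."""
    if len(frame) < 24:                       # shorter than a management header
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in FIXED_BODY:
        return None
    src = frame[10:16].hex(":")               # address 2 = transmitter
    pos = 24 + FIXED_BODY[subtype]
    while pos + 2 <= len(frame):              # walk id/length/value elements
        eid, elen = frame[pos], frame[pos + 1]
        data = frame[pos + 2:pos + 2 + elen]
        if len(data) < elen:                  # truncated element: stop parsing
            return None
        if eid == 0:                          # element 0 is the SSID
            return subtype, src, data
        pos += 2 + elen
    return None

def audit(frames):
    """Return ({client MAC: SSIDs named in directed probes}, cloaked beacon count)."""
    leaked, cloaked = {}, 0
    for subtype, src, ssid in filter(None, map(parse_mgmt, frames)):
        blank = not any(ssid)                 # zero-length or all-NUL SSID
        if subtype == BEACON and blank:
            cloaked += 1
        elif subtype == PROBE_REQ and not blank:
            leaked.setdefault(src, set()).add(ssid.decode("utf-8", "replace"))
    return leaked, cloaked

def build_frame(subtype, src, ssid, fixed=b""):
    """Build a constructed test frame (no radiotap header, no FCS)."""
    header = (bytes([subtype << 4, 0]) + b"\x00\x00" + b"\xff" * 6
              + bytes.fromhex(src) + b"\xff" * 6 + b"\x00\x00")
    return header + fixed + bytes([0, len(ssid)]) + ssid

SAMPLE = [  # constructed frames; "CorpNet" and the MAC addresses are made up
    build_frame(BEACON, "aabbccddeeff", b"\x00" * 7, fixed=b"\x00" * 12),  # cloaked AP
    build_frame(PROBE_REQ, "020000000001", b"CorpNet"),  # client names hidden network
    build_frame(PROBE_REQ, "020000000002", b""),         # wildcard probe, names nothing
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Any SSID that appears in the first returned mapping is being announced by a client in the clear, regardless of how the access point's beacons are configured.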
Don’t Open Your Network to Commjacking
Commjacking – the hijacking of your wireless communications – is a legitimate threat that can cripple your business and cause damage to your personal finances and reputation. Cloaking an SSID, as you now see, not only fails to protect a WLAN but it also exposes devices connected to it.
To truly protect your network, use protocols that are intended to address WLAN threats. Try encrypted communication. Avoid using free Wi-Fi with your devices. If you’re a business, consider using a Virtual Private Network and Coronet on your devices.
It’s not enough to hide from hackers. Taking legitimate security steps in plain sight will protect your SSID and network.