View Online

Alert Services (Advisory)
7 June 2013

Australians continue to use out dated encryption

Businesses and home users are advised to avoid using the Wired Equivalent Privacy (WEP) security protocol for wireless connections.

Once commonly used, the WEP security protocol is today considered broken and should not be used.

Although most router/modem manufacturers and Internet Service Providers currently supply and support devices with higher levels of encryption, many computers and networks continue to maintain wireless connections via WEP.

If you still currently use WEP, your wireless connection is vulnerable, information you send via this method is easily accessible via sniffer tools downloaded from the Internet.

You should check your current settings and if you currently use WEP, choose an alternative security protocol for your wireless connections.

How to find your wireless security settings:

Windows
For Windows based computers, you can check the level of security being used on a wireless network by viewing Network Options in the Control Panel. From here, select your wireless network and open the Properties for that connection. The exact name and location of these options will vary between versions of Windows. A security tab or menu should offer a choice of security protocols for your device.

Apple
For Apple based computers, you can check the level of security being used on a wireless network by clicking the Network icon in the System Preferences. Select your connection on the left hand side and the security level will be listed next to the network name.

How to update your wireless security:

Updating wireless security varies depending on the make and model of your wireless device. Refer to your manual for individual product details.

Modern modems, routers and wireless devices typically offer a range of encryption protocols. Wireless encryption should be set to WPA2 if available (or WPA if not).

There can be various types of WPA2 encryption, with the simplest version being WPA2-PSK. This uses a network name and requires a password. Most computers and smartphones can connect to WPA2 networks with minimal reconfiguration.

If your wireless device does not support any encryption other than WEP, it is strongly advised to update your equipment.

More information

More tips are available here (PDF).

The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider.

Information provided by the Internet Commerce Security Laboratory, www.icsl.com.au

Disclaimer
This information has been prepared by Enex TestLab for the Department of Broadband, Communications and the Digital Economy (‘the Department’). It was accurate and up to date at the time of publishing.

This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.

The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.

Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.

Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.
Host of subscription service
The Commonwealth has engaged Ladoo Pty Ltd to host the Stay Smart Online Alert Service. All URL links should show the domain send.ladoo.com.au at hover over. URL links related to the administration of the service (‘View online’, ‘Update your profile preferences’ and ‘unsubscribe’) should direct you to web pages hosted by Ladoo Pty Ltd.

CONTACT US
Facebook: www.facebook.com/staysmartonline
Email: staysmartonline@dbcde.gov.au
Web: www.staysmartonline.gov.au

2012 Australian Government. All rights reserved