Ask the Expert

Do WEP weaknesses call for an upgrade to WPA2 encryption?

I know that there have been reported weaknesses in Wired Equivalent Privacy (WEP). For those of us who have legacy hardware that doesn't support WPA2, how urgent is it to consider new hardware?

    Requires Free Membership to View

If your wireless networking hardware doesn't support Wi-Fi Protected Access (WPA) encryption, an upgrade is absolutely critical. The Wired Equivalent Privacy (WEP) standard has widespread, documented vulnerabilities, and it doesn't take an NSA-style supercomputer to exploit them. In fact, the Internet offers network-detector tools like Aircrack, which can easily break into WEP-encrypted networks. Someone sitting in a parking lot could crack your WEP encryption in minutes without ever entering your building.

What does this mean? If you're using WEP, your network and data are at significant risk. The best-case scenario is that you might have unauthorized individuals using your network and consuming your bandwidth. More nefarious individuals, however, might use your network for illegal activities: activities that would be traced back to your IP address range. Thieves might conduct corporate espionage, stealing your organization's private data as it flies around the wireless network.

The bottom line is that you should make the investment to upgrade your wireless gear to support WPA encryption. It's the responsible thing to do.

More information:

  • Not convinced? Executive editor Dennis Fisher explains why users should switch to the more secure Wi-Fi Protected Access 2 (WPA2).
  • Learn how malicious hackers exploited Wi-Fi weaknesses to access 45.7 million credit and debit card holders' information.
  • This was first published in July 2007