There are laws against it. Turn him in. Maybe some jail time will change his attitude.
Make sure you save your logs for evidence.
Switch over to WPA use a pass phrase from
http://www.grc.com/passwords he want have enough time in his lifetime to crack it.
If you have a spare Router. Set it up for you. Hide SSID, WPA security.
Then ....
If you have a spare computer you want to sacrifice. Put in on a lan by it self for 24 hr with no protection what so ever (maker sure the NAT is off, we want the bad stuff to find it). Then connect it to the router that he has cracked. make sure file sharing is turrned on so he will have full access, NO Internet access. Then when he goes snooping he will be bombarded with a mass of adware and virus.
I'm using 256bit wpa.