Are you helping a terrorist with your wireless internet connection?
Terrorists today have become tech savvy. The modus operandi of the terrorist group(s) in the recent bomb blasts in the Indian cities of Jaipur, Bangalore and Ahmedabad, and just now in Delhi, proves it. As has been reported in the media, law enforcement agencies believe that insecure wireless networks belonging to individuals (like “Ken Haywood”) and institutions like universities were misused by terrorists to send emails to the press claiming responsibility for the blasts. See this Times of India article if you need any further background on the above.
So what’s the problem?
In the past, intelligence and law enforcement agencies have been able to track such emails to a specific IP address used by criminals/terrorists. However, the terrorists now seem to have become smarter than before. Such ruthless mercenaries now look out for vulnerable wireless networks used by the general public for Internet access in homes, offices, etc. This act of surveying an area for open/exposed/unprotected wireless networks is called “war driving” and can be carried out by a terrorist sitting in his car outside your home/office. Once the terrorists find a vulnerable wireless network (like one with no password), it becomes a piece of cake for them to hijack that Internet connection and use it to send emails of any kind to anybody (like the press or law enforcement). These dubious persons, who are ruthless and impudent to the extent of insanity, needn’t be standing right next to you and could use a laptop or a less conspicuous PDA for “war driving” from a distance of 20-100 meters from your network. When law enforcement analyses the header of such an email (to trace where the email came from), they find the IP address belonging to the vulnerable wireless network that was exploited by the terrorist, and helpless individuals are interrogated.
How can a home wireless network be secured?
What could be done to minimize the risk of terrorists exploiting your home, university or company wireless network? At this juncture, let me clarify that we are not talking about full-fledged, sophisticated wireless security solutions or techniques, but about some basic things that system admins managing wireless networks, or techies with a home wireless network, can do to secure their own and their neighbor’s wireless network! These are as follows:
a) Keep a strong password for your Access Point (AP)
Most access points come with a default (factory set) password which an administrator can use to log in to the AP through a web browser and make configuration changes. Several hacking websites publish lists of such access points (of various brands) along with their factory set passwords. Needless to say, such lists are available to anybody with minimal Google skills, and of course to the terrorists. Therefore, if you haven’t changed this default password, sooner or later your wireless network may be broken into.
To change your access point’s default password, you can log in to your AP with a web browser (if such functionality is supported). For example, some access points, like those from D-Link and Linksys, can be configured through the URLs http://192.168.0.1 and http://192.168.1.1 respectively. After logging in, you should see a password tab where you can configure your AP with a strong password. A strong password would be a combination of numbers, lowercase letters and some uppercase letters, and would preferably be of 8 characters length or so. If such a password sounds inconvenient to remember, you could base your password on any random phrase which you can remember, like “the rabbit goes fox hunting”. Also, from a security point of view, it would serve you well to change the password periodically, say once every month or so.
b) Make your network invisible
Hackers/Terrorists may use software tools to scan an area/location to find out the various wifi networks in that area. Your access point generally broadcasts your network name (SSID) freely in the air and anybody should be able to detect its presence and attempt to connect to it. Some of these wireless network detection tools can be defeated by hiding your network presence. For this you need to configure your wireless access point to disable SSID broadcasts.
You can log in to your access point and select “Disable SSID” (or something similar; see your AP manual) to disable such broadcasts. Note that you will now need to manually configure your desktop/laptop or PDAs with your network name to be able to access your wireless internet connection.
c) Change the Default SSID
Like the factory set passwords, APs also come with a default network name (default SSID). Even if you hide your network as described in (b) above, if somebody knows your network name, he/she can still find your network. Lists of default network names along with the brand of Access points are freely available on the Internet and act as a tool in the terrorist’s war driving chest.
Therefore, it is recommended that you log in to your access point and assign a new network name (other than the factory set one).
d) Strong Encryption key
Access to your network should be restricted with a strong encryption key based on a wireless security standard. Your wireless client (software on your laptop or PC) uses this key to authenticate to your access point, which enables you to access the wireless network and/or the associated internet connection. This key/password should be strong. Many people, such as those whose wireless connections were actually exploited by a terrorist group (e.g., the “Indian Mujahidin”), probably had no password or encryption key on their network, or so it seems from the news reports.
At least some form of encryption (like the one based on the WEP standard) should be configured for your wireless networks. Although WEP (Wired Equivalent Privacy) is inherently insecure, it’s certainly better than having no encryption. Note that it doesn’t matter how strong a “version” (like 128 bit) of WEP is used. WEP’s inherent flaws can be easily exploited (the encryption can be cracked by ready-made tools available on the Internet). Therefore, if you wish to use stronger encryption, you should disable WEP and enable WPA (Wi-Fi Protected Access) encryption, which is more secure than WEP and relatively harder to break into. An even stronger encryption standard for wireless networks is WPA2. Note that your wireless router/AP may not support WPA/WPA2, in which case WEP remains the only option. If you end up using WEP encryption, make sure you change your encryption key (password) periodically.
e) Switch off Wireless network when not in Use
This should be self explanatory!
f) Restrict access by MAC Address
Many APs also allow you to define the specific computers/systems which can connect to your wireless network. This is achieved by specifying “allowed” MAC addresses in the access point configuration. A MAC address is a unique identifier for any network adapter (like your wireless network card). You can configure your AP to allow only your own systems (like laptops etc.) to connect to the wireless network.
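To make items (b), (c), (d) and (f) checkable, here is an added example (not part of the original article) that audits an access point configuration written in hostapd's key=value format. The article itself only covers vendor web interfaces, so the choice of hostapd, the short list of default SSIDs and both sample configurations are assumptions constructed for illustration.

```python
# Added example: audit a hostapd-style AP config against checklist items (b), (c), (d), (f).
# DEFAULT_SSIDS and the two sample configs below are constructed for illustration.
DEFAULT_SSIDS = {"linksys", "dlink", "default", "netgear"}

def parse_conf(text):
    """Parse key=value lines, ignoring blank lines and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return a list of (checklist_item, finding) tuples for one config."""
    conf = parse_conf(text)
    findings = []
    if conf.get("ignore_broadcast_ssid", "0") == "0":
        findings.append(("b", "SSID is broadcast"))
    if conf.get("ssid", "").lower() in DEFAULT_SSIDS:
        findings.append(("c", "SSID is a factory default name"))
    wpa = int(conf.get("wpa", "0"))  # hostapd bitfield: bit 0 = WPA, bit 1 = WPA2
    has_wep = any(k.startswith("wep_key") for k in conf)
    if wpa == 0 and not has_wep:
        findings.append(("d", "no encryption configured (open network)"))
    elif wpa == 0:
        findings.append(("d", "WEP in use; switch to WPA/WPA2 if supported"))
    elif not wpa & 2:
        findings.append(("d", "WPA only; enable WPA2 if supported"))
    if conf.get("macaddr_acl", "0") != "1":  # 1 = deny unless on the accept list
        findings.append(("f", "no MAC allow-list enforced"))
    return findings

WEAK = "ssid=linksys\nwep_default_key=0\nwep_key0=1234567890\n"

HARDENED = """
ssid=rabbit-warren-7
ignore_broadcast_ssid=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=REPLACE-WITH-YOUR-OWN-PHRASE
macaddr_acl=1
"""

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(text))
```

Items (a) and (e) are not covered here because the admin password and the power state of the AP are not part of this configuration format.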
To re-emphasize, this article is focused on home/small office wireless network security. For a robust wireless security solution, one would also need to consider wireless intrusion detection systems, audit trails that are reviewed frequently, encryption key management procedures, periodic wireless security reviews, RADIUS authentication, etc.
For a home wireless Internet connection, at least the first 5 steps should be taken by a home user. I have tried to make the wireless security concepts simpler so that they can be referred to by anybody with minimal knowledge of wireless security. You can use the above list to secure your network, or consult with specialists in your area to ensure that your wireless network is safe. If you aren’t a techie, the above will help you to be a bit more aware of what may be required for securing your wireless networks. At least after reading the above list of safeguards, you might be able to ask your Internet connection provider or a techie nearby to secure your network! Also, though the implementation method (how to do it) of the above safeguards varies by access point brand, the principles are the same. It’s best to seek expert help (like your wireless Internet connection setup guy or a network administrator) and to consult the manual that comes with the AP to ensure that the above safeguards are implemented properly.
Food for Thought
You might wonder if all the above effort in securing your Wi-Fi network is justified. “Can it happen to me? It might have happened to ‘Ken Haywood’ or others, but it won’t happen to me.” I bet both Ken Haywood and the others thought the same before the Anti Terrorism Squad came knocking on their doors!
Consider implementing wireless security measures as being diligent and being a responsible citizen. We demonstrate such attributes when we look out for unattended objects in a public area and inform law enforcement. Now, given that the scourge of terrorism is reaching new frontiers and becoming more sophisticated, the magnitude of our prudence/diligence also has to increase and be in consonance with the current trend. It’s not a matter of choice anymore; it’s a matter of survival…
Very good article. A suggestion is made to make similar attempts by the govt. agencies into such vulnerable sets and issue warnings to make a better awareness among common public.
By: Robin mathai on September 18, 2008
at 6:08 am
[...] I also found this post interesting [...]
By: Watch out « Megyaan on September 18, 2008
at 5:36 pm
Many thanks, Robin and Megyaan, for your feedback!
By: Shashank on September 18, 2008
at 5:56 pm