Open Wi-Fi Network- Vulnerable To Abuse
NEERAJ AARORA, AICWA, LLB, PGD (Cyber Law), ACFE (USA)
Suddenly, the word Wi-Fi has become popular for all the wrong reasons. Wi-Fi also known as 802.11 networking is short for wireless fidelity which is used to access internet. It has become so widespread that the Internet can be accessed just about anywhere at any time, without using wires. Wifi hotspots are now everywhere, at homes, airports, coffee shops, bars, even shopping malls. However, with wireless, some new risks have surfaced that are being exploited by the terrorists with impunity. Recently, after the Serial blasts in New Delhi, an email was received at the office of a renowned newspaper claiming responsibility for the blast. When the origin of the email was tracked, it was found that IP address via which the email was sent was registered in the name of a Bombay based company; M/s Kamran Power Control Pvt. Ltd. It is highly unlikely that the email was sent by the company and most likely the Wi-Fi connection of the said company was being hacked by the Computer Savvy terrorists to send the email, as it was done after the Ahmedabad blasts in July in which the terrorists compromised the Wi-Fi network of an US Citizen to send the email.
Thus, the above incidents have put the Wi-Fi Connection at home or office at high risk and it is high time now to introduce some robust security measures to protect the Wi-Fi connections so that it cannot be compromised for anti national activities or illegal activities or else there is possibility next time it may be your Wi-Fi Connection that may be compromised and you would welcoming the Cops at your doorsteps.
Problem lies in the fact that most homes and business that use Wi-Fi Internet services never use encryption or have adequate network safety which leaves them, their data, and the Wi-Fi network vulnerable. When a network is left open (unsecured), other Wi-Fi users can get onto that network without any credentials at all, no need for passwords, encryption algorithms, or any other security related information. All they need is a laptop, a wireless card, and a good location.
Once on the network, these people can not only “bounce” off your signal to gain internet access, but can also attack your internal network, bypassing the firewall that many of these new devices now include. This leaves your entire internal network open to attack.
This unauthorized user can also use your network to email millions of spam emails, or terrorists can shoot off emails every time they carry out bomb blasts or hack or crack websites and servers, or even spread a new virus. The liability of illegal activities would lie on you unless or until you are able to prove otherwise.
Tips to make Wi-Fi Network Secure:
- 1. Get your Wi-Fi Network password-protected immediately and change it on a frequent basis.
- 2. Use effective authentication mechanisms and permit access to internet to only authorised persons using wireless devices.
- 3. Maintain a log of users accessing Wi-Fi networks.
- 4. Make sure that you turn on the Wired Equivalent Privacy (WEP) algorithm, which is part of the 802.11 standard common to most LAN (local area networks). This mechanism provides for an encrypted key to be exchanged between the PC card and the access point. While not perfect, it does provide for some level of security.
- 5. Change your network name and Default SSID (Service Station Identifier) and manually administer the MAC (Media Access Control) addresses that can attach to your network will close your network to unwanted trespassers.
- 6. Disable SSID Broadcast which enables roaming feature and can be compromised.
- 7. Enable Firewalls on each computer and router. Ensure that your router’s firewall is turned on.
- 8. Turn off your network when it is not in use.
- 9. Last but not the least, no security measure are foolproof and always assume that some one is trying to compromise your Wi-Fi Network, no matter what security matter you have installed. Keep check on your download and Temp files.
What the Government can do to regulate Open Wi-Fi Networks:
It has been found that at the ISP level Wi-Fi Connections are secure. All ISPs are installing robust AAA servers and firewalls. But if you look at the terror mails, they were found to be sent from the hacked or open Wi-Fi networks. When the people take Wi-Fi connection, they never use encryption or have adequate network safety. Therefore, it is now imperative given the volatile situation and impunity with which the terrorists are abusing open Wi-Fi networks, the time has come now for the state to regulate WiFi networks, even to the point of banning free and unintentionally open networks. The password protection should be made mandatory for every customer using a WiFi network. Besides, the ISPs should also be asked to ensure that customers access the internet over a WiFi connection only through a password. In case of violation, the ISP should be held accountable and punished. Awaken by the abuse of Wi-Fi Network by the terrorists, of late, the TRAI has started evaluating various measures that can undertaken to ensure that the Wi-Fi Â Â Network cannot be compromised & used for nefarious activities. The broad guidelines related to Wi-Fi Network are to follow once the study of TRAI is over. The TRAI as an interim measure had asked the government to direct all Internet Service Providers (ISPs) to instruct their customers to have ‘proper authentication measures’ so that this facility is not misused. In its communication to Department of Telecommunication (DOT), TRAI directed that “All ISPs may be instructed to ensure that their subscribers using wireless devices must use effective authentication mechanisms and permit access to internet to only authorised persons using wireless devices”.