When the e-mail related to the recent Varanasi blast on 8th Dec
2010 in India was traced to its source, investigations revealed
that the e-mail was sent after hacking a poorly secured WiFi
connection which belonged to a resident of Navi Mumbai area.
The incident has once again highlighted the importance of secure
WiFi usage for office and home WiFi users after similar incidents
which happened in the past.
WiFi, due to its convenience, operation in unlicensed band,
reliability and wire like data speeds, is rapidly becoming popular
among masses for wireless Internet or network access. Also, WiFi
capability, that was limited previously to laptops or notebooks
mainly, is now available in most of the consumer devices, such as
smartphones, printers, scanners and tablets by default. All this
has resulted in growing number of WiFi users every day.
However, most of the WiFi users are still unaware or don’t
take proper care of known WiFi related security issues making them
vulnerable to security breaches and hacking.
There are a number of ways which can be used by hackers to
penetrate into enterprise and home WiFi networks and people need to
know at least the most common of them. The aforesaid incident of
WiFi hacking is also the result of this slackness on the part of a
person who has setup a poorly secured home WiFi for convenience,
which subsequently got hacked by a terrorist for sending the terror
e-mail and he had to unnecessarily face questioning from cops. Two
years back also, after the September 13, 2008 blasts in Delhi,
terrorists used an insecure WiFi network belonging to a private
firm to send terror e-mails. Other parts of the world have also
witnessed similar incidents of WiFi hacking in recent times.
Some common methods to secure
WiFi
Hence, it is high time for people to learn from these incidents
and start adopting secure WiFi practices. Some common practices
include deployment of properly encrypted WiFi (WPA/WPA2) network at
home and office places, turning off WiFi capability when not
required, taking proper precautions when surfing at WiFi hotspots,
etc. Security experts have already advocated the use of such
practices at various places and one can easily find these on
internet.
If one still does not bother and lingers to insecure WiFi approach
with the attitude that a similar incident will not happen to
him/her, then he/she needs to know that recently a Firefox
extension called Firesheep has been released for public by a
software freelancer. This software has turned the WiFi hacking into
a layman’s job. You just need to install the Firesheep and
own a compatible wireless card to hack into accounts of many
popular social networking websites belonging to users who are
logged on these accounts over an insecure WiFi network (in the
range of wireless card).
Also, if you believe that physical surveillance alone is sufficient
to avoid WiFi hacking instances, then you need to know that one can
easily get a high end smartphone today off the shelf which is
capable enough to launch various known WiFi attacks and also
provide safety from physical surveillance due to the small form
factor.
So beware and act fast for not becoming the victim of WiFi hacking
while still enjoying the WiFi convenience.
Ajay Kumar Gupta is a wireless security professional with core
expertise in wireless security