The Perils Of Leaving Wi-Fi Networks Unsecured
Monday September 15, 2008 at 7:23 am CST
Posted by Vinoo Thomas
People don’t seem to seriously care about Wi-Fi security yet. Inspite of oft-repeated warnings, ignorant folks with unlimited bandwidth plans believe that they are doing a social service by allowing neighbors to leach their Wi-Fi freely. What they fail to understand is that by doing so, they can become an unwitting accessory to cyber crime.
Instead of scouring for anonymous proxies to stay faceless on the internet, cyber criminals are increasingly targeting unsecured Wi-FI networks to get the job done. A combination of war driving tools such as NetStumbler along with a listing of default router usernames and passwords is all it takes to freely connect to unsecured Wi-FI networks. Especially since most Wi-Fi routers use default security settings that come pre-installed by the vendor rather than it having being configured by the end user.
SOHO routers log every connection and DHCP lease but these logs are flushed once the router is rebooted. If an attacker has access to the administrative console of the router (thanks to the default password), once their nefarious actives have been carried out, a simple restart of the router will erase all tracks.
The extent to which an unsecured Wi-Fi connection can be abused is purely left to imagination of the attacker. Putting on my Dr.Evil hat, here are couple of wicked acts a Wi-Fi hacker could commit and get away undetected using an unsecured network.
- Download child pornography
- Download copyrighted movies and music via P2P
- Download Warez and abuse your bandwidth
- Send bomb hoaxes, terror or threatening emails.
- Send spam (sexual aids, pharmacy or money laundering scams)
Any of the above acts could lead to law enforcement authorities knocking on your door. This is not mere speculation and many unsuspecting people have fallen victim. To quote a high profile example, in the recent serial bomb blasts in India, terror emails that took responsibility for the blasts were sent from unsecured Wi-Fi connections. And it was the unfortunate owners of the unsecured Wi-Fi connection that were subjected to police questioning and house arrest.
In addition to using an unsecured Wi-Fi network for malicious purposes, an attacker can also use it to steal personal information for identity theft. For example:
- Infiltrate and break into internal machines
- Modify DNS settings on the router to point to a rouge server.
- Sniff Wi-Fi traffic for usernames and passwords
The above discussed scenarios are neither speculation nor an exhaustive listing of different ways for abusing unsecured Wi-Fi networks. These scenarios are being enacted by criminals everyday around the world.
Now why would want to be an unwitting host to criminal activities emanating from your IP address or make yourself vulnerable to identity theft? Be a responsible Netizen and please secure your Wi-Fi connection now!
September 15th, 2008 at 7:54 am
I’m going to use this article to scare the shit out of our customers!!! I work for an ISP abuse department, and can’t tell you how many people have unsecured Wi-Fi’s. Thanks for a great article!!!
Tim
September 15th, 2008 at 7:26 pm
You bring up very valid points with regards to what a malicious attacker might do with an open wireless AP. All of those things should be taken into consideration by someone that consciously makes such as choice. Most importantly, I think users should be aware that their data is at risk by opening an AP. However, I’d make two points. First, wireless security sucks. WEP is trivial to break and WPA/WPA2 can usually broken fairly easily. Brad Anton. at Foundstone wrote up lots of nice attacks. So, “securing” your wifi appropriately is difficult for most home users. Second, law enforcement and the MPAA shouldn’t rely on IP addresses to establish who committed a crime (such as downloading child porn). Trying to reinforce that assumption is bad in my opinion.
September 16th, 2008 at 10:53 am
[…] Wireless Security - Too Dangerous to ignorehttp://www.avertlabs.com/research/blog/index.php/2008/09/15/the-perils-of-leaving-wi-fi-networks-uns… […]
September 16th, 2008 at 10:54 am
[…] Wireless Security - Too Dangerous to ignorehttp://www.avertlabs.com/research/blog/index.php/2008/09/15/the-perils-of-leaving-wi-fi-networks-uns… […]
September 16th, 2008 at 12:27 pm
When the fbi raids their house then they will care about wifi security
LOL
September 16th, 2008 at 1:58 pm
[…] A home based wireless LAN (WLAN) can provide convenient and easy access to the Internet for all family members. However, if it is not locked down properly, it provides access to anyone who is in reception range. Most “visitors” would access a non-secured WLAN for free Internet connectivity. However, there are dangers where private information on the WLAN hard drive could be discovered or these visitors may access to highly inappropriate sites. Likewise, a business must protect the privacy of their customer information. If a WLAN is setup, there is a need to use the latest equipment, safest security protocols, and take time to learn the key elements of wireless security. As the article from AVERT labs reflect, it’s too dangerous to leave unsecured. Wireless Security - Too Dangerous to ignore http://www.avertlabs.com […]
September 18th, 2008 at 4:23 am
India is considering making unsecured wireless networks illegal:
http://www.pcworld.com/businesscenter/article/151171/india_wants_to_secure_wifi_hotspots_citing_terror_threat.html
It’s all too easy to make proclamations like this, but it’s extremely unlikely that this will lead to increased security and accountability unless implemented very, very well. For example, I’m sure most people and even law enforcement personnel are unaware of how vulnerable WEP is, yet this is what most people use even today. Will the proposed law mandate the use of WAP2 instead of WEP? Unlikely.
Secondly, even if (and I mean IF) all wireless networks in the country were secured with WAP2, what is to stop terrorists from walking into an Internet Browsing Cafe (there’s one on every street corner in Indian cities)? Order all Internet Cafe owners to verify ids of all their customers? Couldn’t possibly work.
Even IF this is all done, terrorists can just use the free wireless networks provided by airports and coffee shops.
There are just too many holes to plug in securing public internet access. This money and time would be better spent funding Intelligence organizations to do real anti-terror operations.
September 25th, 2008 at 7:44 am
[…] Wireless Security - Too Dangerous to ignorehttp://www.avertlabs.com/research/blog/index.php/2008/09/15/the-perils-of-leaving-wi-fi-networks-uns… […]
September 29th, 2008 at 6:15 am
Good point about the logs being flushed on reboot. Anyone choosing to offer open Wifi should be running a syslog server, which many SOHO routers support, as well as securing the admin account with a strong password.