Terrorists exploit Mumbai net security
By Pulkit Sharma
Terrorists aim to create a climate of fear and insecurity to achieve their ends. Is India’s generally lax computer security providing terrorists, militants and cranks the opportunities to threaten others without fear of being tracked down? Last month, an organization claiming to be the Indian Mujahideen, hijacked the WiFi connection of Mumbai-based American Ken Haywood to send an email to TV Channels claiming credit for the blasts which killed many.
Police checks of Ken’s computer showed that his connection had indeed been used without his permission. Despite police requests to stay in India, ken has fled back to America.
On the weekend, another email purporting to be from the same outfit, Indian Mujahideen, was send from the open unsafe WiFi internet system of the Khalsa College in Mumbai. According to police, anyone within 20-30 metres of the Khalsa College could have hijacked the wireless connection to send the email. The connection did not even have the basic security measures of being password protected.
Techgoss spoke to Rajshekhar Murthy, CEO of OrchidSeven Infosec, and a highly qualified security expert, about this security weakness in our country. Rajshekhar is consulted by a number of high profile Government and private companies, He told techgoss that a war-driving exercise his team did last year showed how vulnerable many of Mumbai’s WiFri systems were to such abuse. And that proper security measures could help secure such computer systems.
Rajshekhar told us: “Last year, our team (which included highly regarded security experts Biswajit Behera, Alok Tripathi, Kiran Nair and Krishnamurty Setty) did a war-driving exercise in a car and covered areas from Kalyan, Thane to Andheri, Airport and finally the western region - Malad, Bandra and other suburbs. Our security audit done last year showed:
More than 320 wi-fi networks were open and unsafe near Mumbai Airport / Andheri.
Major regions of central Mumbai are dominated by Netgear devices.
Major western region of Mumbai is dominated by Linksys devices.
Thane, surprisingly had over 170 hotspots. These were active insecure / open access points / networks.
We were able to sniff emails of hi-profile business professionals from the airport and some 5-star hotels near by.
Techgoss note: War-driving is a methodology used to test the security of wireless computing connections by driving through a neighborhood with a wireless-enabled notebook computer and software that can detect open, unsecured connections.
As the number of WiFi connections become more popular, it is almost certain that any security audit this year will reveal an increased security threat to our country.