Monday, October 22, 2007

Home use Wireless Routers – Are they safe?

One of the most common questions I am asked regarding home-use wireless routers is "What is the risk if someone uses my Internet connection?" The answer below highlights the concerns, some of which are critical.

Is it just free internet they are after, or is something else at work here?

It’s not just free internet they are after. There are many other goals behind using someone else’s connection. They are:

1) Hijacked connection
Someone using your internet connection can use that connection to attack another computer. A hacker who tries to attack a target, particularly a secure target, will never use his own Internet connection because secure targets always log all activities. While it is true that a hacker can spoof his connection details and mask his location, it’s easier and less risky to use someone else’s connection. That way the hijacked connection will be logged and will potentially get the blame for the attack, keeping the true attacker anonymous.

2) Attack the host computer or another computer on the same network
Despite the ever-decreasing cost of buying a new computer, most computers being used in homes these days are still on old versions of operating systems such as Windows 95/98, and moreover they have no active anti-virus protection (some even have anti-virus software installed, but it is not active because the trial version has expired and/or it was never activated by the user). This is mildly surprising given that the date of this writing is October 2007. It is significant because the older operating systems are very easy to penetrate.

Once the computer has been penetrated via the wireless connection, the hacker can install simple software, known as a Trojan horse, that will automatically transmit personal information such as passwords, internet history, etc. to the hacker. This information would allow the hacker to log in to your bank account or even connect to your office using your VPN and do an incredible amount of damage.

This is a common approach as it provides good results for hackers with minimal risk.

3) Hijacked computer - the Zombie
This differs from #1 above in that a hijacked connection can be used at that specific time for an attack. A computer that has been compromised and turned into a Zombie can be used repeatedly at the will of the hacker. This is accomplished in the same way as above, through the installation of software over the wireless connection. The software allows the hacker to remotely activate a coordinated attack from an army of Zombies. This then involves your computer in a criminal offense (alarmed yet?).

4) Data Stash or Data Store
There are many hackers who have lots of stolen (or otherwise illegal) data that they need to hide. They can easily use a victim’s machine to store the information on. The techniques that they use are masked so well that only forensic computer tools can detect what has happened. The files will not be visible to the user and the disk space will also not show as used – it’s very hard to know when this has happened.

5) Bandwidth
There are some hackers who will use your connection to download or upload very large amounts of data. These files can be many gigabytes in size and can cause additional billing for someone’s internet connection.

6) Privacy Violations
Imagine a hacker activating your microphone and just listening in on conversations in your house. They can access the camera in the same way if your computer has one. If a corporate attack is underway, a home-based privacy attack can provide good inputs to support it. A CEO or CIO might be a good target for a home-based privacy attack.

How can we protect ourselves?
The level of protection required will vary from person to person depending on what activities one engages in. The protections to implement are as follows:

1) Configure your Operating System Firewall (most operating systems have one included) to have some level of protection. There are also many commercially available options that can replace or supplement the one built into the Operating System. They are not overly complex to configure and there are many manuals and step-by-step guides available either with the software or free over the Internet.

2) Install up-to-date anti-virus software, ideally one that also provides anti-hacking protection. It’s advisable that one also learn how to use the software effectively, as most anti-virus products have many protections that you need to know how to work with. There are many good tools out there, but as of this writing I use Kaspersky on my computers.

3) When your computer is not in use, shut down your router or internet connection.

4) If you need to store any critical information such as bank account details, private keys or something similar, store it on secure media such as a secure USB drive that keeps the information encrypted so that it can't be retrieved by a hacker.

5) Use the encryption and other security features provided within the router itself. The hardware units that provide the wireless service come complete with documentation that outlines how to configure the security features. It may take a little while to understand how to set it up and then how to configure the legitimate computers to have access, but it’s a worthwhile exercise.