Share this
Mister Wong
Digg
Del.icio.us
Slashdot
Furl
Yahoo
Technorati
Newsvine
Googlize this
Blinklist
Facebook
Wikio
Hear this text
Print
E-mail
Tags
Ignorant accessory to crime?
You would not leave your house without locking the doors and setting your alarm, as theft is a very real possibility these days. So why would you leave your wireless network open to the very same thing? Having an unsecured wireless network in your home or your business is similar to leaving your house unlocked. It leaves you vulnerable to thieves who can steal your bandwidth and use this for whatever purpose they choose, legal or otherwise, writes Simon Webster.
"War walking", which involves individuals walking around with WiFi-enabled devices such as laptops and PDAs, searching for and tapping into unsecured networks; and "war driving", a similar process where the individuals drive around in cars, are the two main methods people use to steal bandwidth. And while this type of digital trespass is not illegal in South Africa as yet, it can cause inconvenience for people when their cap is reached by unauthorised users. Quite apart from being inconvenienced, victims of bandwidth theft could actually land themselves in jail. If hackers use your bandwidth for illicit and illegal activities such as sending out spam, spyware and viruses, or even distributing illegal forms of pornography, the owner of the router used to perform these acts is held liable and will face the penalties involved, whether these are fines or a prison sentence.
When unauthorised users gain access to your network, it also opens it up to an entire host of other issues. Your confidential information could be compromised, and hackers with malicious intent could use your machine for Denial of Service attacks or even install viruses and spyware, which could then turn your machine into a zombie computer that becomes part of a botnet and is used for other illicit purposes.
If confidential information is leaked to unscrupulous competitors, they could use this information to compromise your business, undercut your pricing or steal intellectual property, which could put your company out of business.
With all these security risks, it is amazing how many organisations continue to leave their wireless networks unsecured, particularly when securing them is a quick and easy process. The simplest way to protect a network is to password-protect it.
Another, slightly more secure method is to create a pre-shared key (PSK). This requires the owner of the network to devise a password that then must be shared with any users wishing to access the network.
These methods take less than a minute and will deter more than 99% of casual war walkers.
Other good things to do to protect the network are to change default passwords on routers and connected devices. While these methods work most of the time, the ultimate level of security for wireless networks is to enable mac addresses. A mac address is the unique code that every electronic device is given when it is manufactured – much like a fingerprint, as each device's code will be different. A wireless network can be set up to allow access only from devices that have had their mac addresses permissioned by the router. This will deter almost any attack, except from a very determined and malicious hacker.
The lesson at the end of the day is that the value of any business lies in its data, which raises another concern. Not only should data that is available over a wireless network be secured with at the very least a password, companies also need to ensure that mobile workers back up their data.
With increasing numbers of employees working on the road, there is a vast amount of data stored on laptops and PDAs which needs to be backed up effectively and encrypted, as these devices are easy to steal. If this does occur and the data is not secured, then valuable information could be lost or fall into the wrong hands.
Securing data is paramount to keeping a business secure and safe, whether this entails securing networks or backing up data effectively. Without these measures in place, the most valuable asset of any organisation, its data, is at risk and could sink an organisation.
Security is important and, in this day and age, it is not something that businesses of any size can afford to overlook.
Simon Webster is technical consultant with the Webcom Group
