If you are a wireless (read Wi-Fi) internet user, you could easily be the next victim of a terrorist who accesses your computer to send emails, which can get you into trouble with authorities as was the case with some users in Mumbai.
Experts caution that people who crack into these accounts mostly do so not because their geeks or hackers, but simply because most users do not care to secure their computers by changing the default password of the Wi-Fi routers provided by the manufacturer.
Consider the case of Sanjay Prasad (name changed) who logs on to his unsuspecting neighbour's Wi-Fi connection and surfs to his heart’s content without paying a penny. Neither geek nor hacker, he continues to cleverly makes use of a loophole, rogue hotspot or unsecure connection, by using the default password of the router, which normally is '1234’, '0000’ or '5555’.
Even though, the exact number of Wi-Fi networks in the country is not available, it’s estimated that around 50 per cent of the total 4.38 million broadband connections are Wi-Fi enabled. Of which only 10 per cent has been secured. This, according to Jasjit Sawhney, chief executive officer of Net4India, an Internet protocol service provider, implies "there is a bigger catastrophe waiting to happen”.
“In most of the cases there is no real hacking and the ‘hacker’ just uses the routers’ default password after finding a open Wi-Fi network. This is a simple process and can be likened to leaving your house or tijori doors ajar,” Internet Service Providers Association of India (ISPAI) President Rajesh Chharia said.
The process is simple. All the hacker (he cannot be called a hacker as there is no forced intrusion into a network) does is to take his laptop or other handheld device to some place and search for open networks, which is as simple as searching for another bluetooth device from a mobile phone, and log on with the default passwords.
More From This Section
Wi-Fi connections emanate from a router, which is a plug ’n play device, meaning user can buy it from the shop and connect it to his broadband network and create a hotspot of around 15-20 feet.
In majority of the cases, the default password is '1234’. These default passwords -- others are like '0000’, '5555’ or '9999’ -- are never changed by the user, even though the manual of all routers clearly mentions this has to be changed after the purchase.
“It cannot be hacking,” says Braham Singh, chief executive officer, You Snapper, a broadband service provider. The hackers, in this case terrorists, identify an open network using their laptop and try all the default passwords. If the passwords don’t match they move away trying to locate another open network, he adds.
Use of default passwords is not restricted to Wi-Fi networks alone. It can spill over to other wireless devices, even though at present it’s restricted to signals that emanate from the users’ end. Apart from WiFi, Bluetooth devices can also fall prey to this process. Singh also says that he had come across a number of such open networks that were detected on his laptop during his travel across the country.
British Telecom Chief Regulatory & Government Affairs (India & SAARC) Satya N Gupta has an advice: "Secure all your wireless networks with a password, and this time not by the one provided by the manufacturer". It's time to heed the advice.