The e-mails sent out in the aftermath of the Delhi and Ahmedabad blasts reveal that the Indian Mujahideen hacked into unsecured WiFi networks to send out the terror e-mail.
Internet users can adopt the following methods to stay safe.
- Disable the SSID broadcast. To some extent, this makes it difficult for a hacker to detect the presence of a WiFi access point.
- Enable the MAC address filter. Each network interface has a unique MAC address; by filtering on it, one can, to an extent, control which machines can use the access point.
- Turn on WPA/WEP encryption. This ensures that traffic between a legitimate machine and an access point is not readable.
- Change default admin passwords for access points.
- Ensure access points are placed securely, for example in the centre of a room or office, to minimise signal strength outside the office.
Even after following the above precautions, your WiFi account could be compromised. Hence, the things to look at are:
- Monitor usage of the access point. Have a clear inventory and knowledge about the position of each access point.
- Monitor the usage of the Internet link to know what traffic is going out. For example, some corporates block e-mail providers like Yahoo or Hotmail. Hence, even if the access point is compromised, the hacker may not be able to use public e-mail systems.
- Consider a specific security policy for wireless networks. For example, most companies use wired networks as the primary medium in the office, and access points are used in common areas like conference rooms. Hence, stricter policies can be deployed on wireless networks than on wired networks.
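The monitoring and inventory steps above can be partly automated. The following is an added example, not part of the original article: it checks access point association records against an inventory of known machines and known access points. The log format, device names and MAC addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed inventory: MAC addresses of machines allowed on the wireless network.
KNOWN_CLIENTS = {
    "00:1a:2b:3c:4d:5e": "reception-laptop",
    "00:1a:2b:3c:4d:5f": "conference-room-pc",
}

# Constructed inventory of access points and where each one is placed.
ACCESS_POINTS = {"ap-conf-1": "conference room", "ap-lobby": "lobby"}

# Constructed sample log in a hypothetical format: time, AP name, event, client MAC.
SAMPLE_LOG = """\
2024-01-15T09:02:11 ap-conf-1 ASSOC 00:1A:2B:3C:4D:5F
2024-01-15T09:05:40 ap-lobby ASSOC 00:1a:2b:3c:4d:5e
2024-01-15T23:47:03 ap-lobby ASSOC 66:77:88:99:aa:bb
2024-01-15T23:51:19 ap-roof ASSOC 00:1a:2b:3c:4d:5e
this line is malformed and is skipped
"""

LINE_RE = re.compile(
    r"^(\S+)\s+(\S+)\s+ASSOC\s+((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\s*$"
)

def audit(log_text, known_clients=KNOWN_CLIENTS, access_points=ACCESS_POINTS):
    """Return (unknown_clients, unknown_aps) found in the association log."""
    unknown_clients = defaultdict(list)  # MAC -> [(time, access point), ...]
    unknown_aps = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not association records
        when, ap, mac = m.group(1), m.group(2), m.group(3).lower()
        if ap not in access_points:
            unknown_aps.add(ap)  # an access point missing from the inventory
        if mac not in known_clients:
            unknown_clients[mac].append((when, ap))
    return dict(unknown_clients), sorted(unknown_aps)

if __name__ == "__main__":
    clients, aps = audit(SAMPLE_LOG)
    for mac, seen in clients.items():
        for when, ap in seen:
            print(f"unknown client {mac} on {ap} at {when}")
    for ap in aps:
        print(f"access point not in inventory: {ap}")
```

A clean result is only a first filter, since MAC filtering controls access only to an extent; it complements the monitoring of outgoing traffic on the Internet link.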
Role of Digital Forensics:
Digital Forensics means the analysis of electronic media to detect forgery or manipulation. It is used to identify possible culprits and also to gather legal evidence to be used for prosecution.
Digital Forensics is a highly specialised area and, if not done using the right skills and tools, could lead to evidence being deleted or becoming unusable in a court of law. It is similar to criminal forensics and hence needs special skills and tools. It would therefore be advisable for companies to understand their responsibility and the do's and don'ts during a breach.
Public e-mail systems have limited information about their users and normally provide it to law enforcement agencies on special request. This information is picked up during e-mail ID creation, usage etc.
The most usual information picked up is the source Internet Protocol (IP) address, which can be masked using techniques like using others' WiFi networks. Hence, unless e-mail providers enable higher security mechanisms, like special authentication while creating users, not much can be done. It is not easy for e-mail providers to do this as, by definition, these e-mail systems are free and open for people to use.