General security

Protect Your Wireless Network from Leechers and Hackers

Joshua
June 15, 2012 by
Joshua

Nowadays pretty much everyone uses wireless networking from your smart phone to your home and/or business networks. There are many security issues with wireless networking; the one that I see the most is security carelessness of some ISP's contractors and installation personnel.

ISP based WEP Vulnerability:

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

    I have noticed from work and personal experience a preventable ISP (Internet Service Provider) based WEP vulnerability that can be prevented through security training in wireless networking on the ISP's end of things. Some ISP's still uses the old and unsecure version of WEP (Wired Equivalent Privacy) with an easy to crack password. Can you guess what it is? Still don't know? Ok your phone number associated with your ISP account which when entered could be entered as an example 3105556666 or 6666555013, that's right either, forward or backward. Your probably asking yourself, why is this insecure? Good question, the answer is simple; most if not all hackers and leecher's know the ISP's that use this method of a quick insecure setup and all it takes is a little cyber tracking to find out all of the phone numbers associated with that address and then try them forward and backward. If a black hat hacker gets into the router problems can occur, such as being locked out of your router, hijacked internet traffic and even network infiltration which includes any computers on that network. There is also the risk of ID Theft as well that can come from either the network infiltration or through the cyber tracking part of the attack.

What is WEP?

Wired Equivalent Privacy: WEP is a security protocol based in 64 or 128 bit encryption for your network. It was one of the first wireless encryption protocols. It is extremely unsecure, easily cracked. WEP when it first came out was the start of a great idea but since then it has been replaced by WPA which was replaced with WPA2-P2K (WPA2-Personal) and WPA2-Enterprise which are more secure than WEP. WEP can also be replaced with VPN (Virtual Private Network) and other various protocols.

ISP Responsibilities:

As for the ISP's using this insecure but easy setup I would like to make a suggestion. Please train your technicians and contractors in cyber security techniques and procedures to prevent unwanted activity on both your clientele's wireless networks.

I'm not sure if this has become a law yet or not as I could not find anything on it, but the ISP should be using good risk management procedures which include training their employees and as such the contractors in wireless and wired security.

An ISP's responsibility should be to their clientele's security and well-being but from what I have seen there are some that have chosen not to make it a priority and it shows unfortunately like an ink blot on a bright white shirt.

Security Training for ISP Personnel and Contractors:

Basic internet users that want to click and go are defiantly at risk of this vulnerability and are easily caught up in the ploy by certain ISP's and their contractors. I ask that you the reader please do not get my words wrong; this is not a conspiracy to hurt certain ISP's consumers but rather a lack of security training and knowledge.

This brings me to my main point of ISP's training their field crews as well as using contractors trained in security procedures so as to secure their clienteles home and business wireless and wired networks.

    Where I live we have three main ISP's two of which use the much more secure WPA2-PK2 encryption protocols. For these two ISP's the encryption key is on the wireless router itself, but for the third the contractors they use don't understand the security ideology behind the WEP, WPA, WPA2-Personal, or the WPA2-Enterprise based encryption. I have heard many stories from different clientele as well as a personal experience before I got into the security game. In all of the accounts the story is much the same as the next, what they have heard from the contractor for this ISP is that "the WEP key used is just to logon to the internet service which is why the telephone number is used". This is true in a sense but in all reality highly unsecure, the real reason for using an encryption key such as WEP, WPA, WPA2-Personal, or WPA2-Enterprise is to keep unauthorized individuals from using your wireless signal to gain access to the internet and your network.

    I am not trying to say the ISP or its employees are evil black hat lovers but just the opposite, they are more like an average user who just wants to get up and go and not concerned about security. This is where security training for the contractor installation personnel as well as the ISP installation personnel would really pay off in the long run. First the misconception of the WEP encryption key would be stopped. Second the user could be instructed in basic wireless security procedures. Third the users home or business network would be a lot safer than it would be if the ISP was to not train their contractors and personnel.

    Why is using WEP inadvisable especially with a key as simple as the users phone number? Well WEP is one of the oldest versions of encryption for a wireless network and has since become easily cracked by both leecher's and hackers alike. Some people may say that hackers are in it for the challenge why would they waste their time with a simple WEP crack especially if they know the ISP uses the user's phone number? At this time I would like to welcome you to the "lifestyles of the hackers of cyber tracking". What is cyber tracking and how can it be used to find a WEP key? Well, cyber tracking is kind of like stalking your prey in the field but instead of attacking them right off you get to learn everything about them from the public information to the very deep secrets of the users. That's the challenge.

How to stop the Leechers!

    You may ask what are the symptoms of someone leeching off my network? The symptoms for the network can be the same as a network aware worm such as conficker, SQLslammer, IRCBots; minor to major network slowdown (this all depends on how many leeches you have connected to your wireless network), unknown IP Addresses showing up in the router logs, on rare occasions if you get too many leeches the network may crash. If you have one leech on your network it's guaranteed that there are more around sucking the bandwidth from the network. You may be asking, why are they called leeches? The answer is simple, in swamps there are little worm like creatures called leeches that attach themselves to your skin and suck your blood, they are also used as a natural blood letting solution to get rid of an infection. As with the worm like leeches internet leeches also drain you of precious bandwidth should they attach themselves to your network. Usually a leech is an individual that wants the internet but refuses to pay for internet services. It could be a teenager up to an adult that wants to get free internet.

WEP vs. WPA2-Personal Question:

Here is a fun question for the readers of this post; I would love to see what you ladies and guys have to say about this.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.

If a hacker were to choose a wireless hit to gain access to a target system which one do you think they would want to hit and why?

Joshua
Joshua

Joshua is currently working as head of security & malware research at Mohreus IT Security & Malware Research, a contract tech writer for InfoSec Island, as well as a full time student in cyber security. He is also currently volunteering with Malware Intelligence as a malware researcher, and heading several projects including project codename: conficker storm, teaching community security classes to law enforcement as well as a seperate class for regular users and individuals with disabilities. His passion is to help his fellow man throughout the world through cyber security.

The current focus of his work is learning to research malware better, reverse engineering and other related studies involving technology.