Mission: To determine the current level of cyber security in the Wabash Valley between Terre Haute and Vincennes Indiana.
So when I began planning to investigate the state of cyber security in the Wabash Valley I thought that a few small businesses may have an insecure wireless router and possibly a small town government office or two. To my astonishment that was not the case. As my investigation continued I found so many insecure wireless routers that I decided to make that my main focus for this report. This wireless survey was done with a simple drive-by wireless security scan using freely available tools on my android smartphone. This was a safe scan that simply listed broadcasting WIFI routers. It does not connect to or hack into them. I drove from Terre Haute to Vincennes Indiana and found multiple businesses in each of the following categories and even some government offices that had old easily hackable wireless encryption settings. Actual locations will not be disclosed for obvious reasons.
Certified Public Accountants (CPA’s)
Wealth Management Offices
City/County Government Offices
New Car Dealerships
Technology Support Companies
And the list goes on…
So what? What’s the big deal?
Identity theft. That’s the big deal. Personally Identifiable Information exposed. Your customers bank accounts drained and their credit destroyed. And that is only one of the ‘big deals’. Consider company secrets, client lists, manipulated data, deleted data, even YOUR identity.
How are these businesses vulnerable? What is it about their wireless routers that leaves them exposed?
In a nutshell, not keeping pace with current cyber security best practices and ignoring the threats that we don’t see. Technically speaking, those routers are using old forms of encryption. Those old encryption algorithms have been easily hackable for years. Then there is WPS (WIFI Protected Setup). About half of all off the shelf wireless routers that have WPS enabled are also hackable. Some may take longer than others but the end result is the same. All of the business categories I listed above were using old encryption algorithms. Simple to hack. The list would be much longer if I included those using newer much more secure encryption – yet still have WPS enabled. Here is a link to a short article I wrote earlier about dealing with WPS: http://www.npgcomputers.com/how-to-keep-your-data-safe-from-wireless-hackers/
The results from approaching several of these businesses to let them know of the dangerous situation is equally stunning. Of the ten businesses and government offices that I spoke with in person, none of them had any idea of the problem. What’s more is few made any changes to secure their wireless routers. Many of them said they would correct it or knew of the issue and were in the process of securing them. I checked a few days later. No change. Maybe the person(s) in charge of those routers simply don’t understand the issue or choose to ignore it. At your peril.
Another disturbing fact to consider: since they are using a form of wireless encryption that has been easily hackable for years, how many have been hacked already and don’t even know it? How long has a black hat hacker been stealing customer information – your personal information and using it for nefarious purposes? Thieves don’t leave their calling card and say “Hey I broke in and stole your data”. They want to keep the dirty deed a secret so they can come back later and do it all over again.
Let’s suppose that the data at risk is nothing of value and no personal information is accessible. As a business owner, what is the value of customer perception? If the public were to become aware of your lax security practices how might that affect your bottom line? Security breaches are detrimental to any business. And not just the immediate financial costs. A tarnished reputation is hard to overcome. Regaining customer trust is certainly tough once personal information has been compromised.
Ok. As a small business owner myself, I know it’s hard to stay on top of all the latest technological changes and cyber security issues. Who has time, right? Most small business owners believe they are not a target because maybe they don’t have many valuable assets, but what that really means is they are easy targets since network security is probably not on the daily priority list.
If I can find out this level of information from simply driving by, then what other more in depth private information could the serious hackers already have?
Quoted from and article on Examiner.com:
“…Wireless computer hacking of identity theft and payroll thefts totalling more than $3 million dollars in Seattle has landed the last defendant in federal prison.
Joshuah Allen Witt, 35, was found guilty with two other defendants for hacking into 50 businesses software using a wi-fi receiver that detects business wireless networks. They hacked into the security codes and accessed company computers, according to the Seattle Times online edition.
Termed “wardriving”, the defendants used a device that picked up wireless transmissions and were able to crack security codes that they had in a car. The defendant’s also broke into businesses to install malware on company computers.
Witt was sentenced to eight years on charges “that included conspiracy, aggravated identity theft and access-device fraud”, according to the Seattle Times report. Also reported was that the U.S. Secret Service’s Electronic Crimes Task Force broke the case after 2-1/2 years.
Wireless hacking has been going on for years. Not only do criminals use “wardriving” methods while driving around in cars with wi-fi hacking technology, but utilize “warparking”, another term to describe someone with laptop sitting in a car of a parking lot or street curb.” – http://www.examiner.com/article/wi-fi-hacking-seattle-cost-businesses-3-million
How many readers have the same password for almost everything? Exactly. Let’s assume the business is secure, what about the owners wireless router at home? A dedicated hacker could simply hack the home router waiting for a password to be captured. Once done, your world is his.
* Image excerpt from: http://mercatus.org/publication/information-sharing-no-panacea-american-cybersecurity-challenges
What about hospitals, medical clinics and the devices they use? They must be really secure, right?
Quoting a report posted on Kim Komando’s website concerning health care security:
“…That sounds like a terrible movie plot. But, sadly, it’s a reality. We’ve been telling you that hospitals and all that lifesaving medical equipment they use, like pacemakers for your heart and blood gas analyzers (BPA), are vulnerable to hacker attacks. But, even we couldn’t guess how bad it really is.
Hospitals and their network-connected devices are so poorly protected that, in July, the Food and Drug Administration issued its first-ever cybersecurity advisory about a medical device.
Specifically, the Hospira Symbiq infusion pump, because it’s vulnerable to unauthorized users controlling the device. In other words, hacking it. It’s “precedent setting,” according to the FDA’s Center for Devices and Radiological Health…” – http://www.komando.com/happening-now/334445/hospitals-are-tragically-open-to-hacking
This report mostly covers the easy low hanging fruit that any hacker can pick from right outside your business. For example, once the router password is hacked the perpetrator can modify the router settings and redirect your internet browsing to malicious sites that try to install malware of all sorts on the computers including the infamous CryptoLocker Ransomware virus that holds your data hostage until you pay the ransom fee. Many other more complex, in depth wireless hacks exist and defeating them requires vigilance. More on these in the next report.
Malware is actually the most common threat I find on client computers. When I say most common, I mean 90% of every single computer I cleanup! But you have an antivirus like Norton or McAfee, so your safe right? Probably not. Most of those 90% that I check have Norton or McAfee – AND have multiple forms of malware / spyware / trojans / viruses that haven’t been caught. Some of that malware is just advertising junk. But some of it designed to steal your usernames, email addresses and passwords – or secretly give a hacker remote access into your computer. These threats can be even more dangerous than insecure wireless routers since it doesn’t require a hacker to be anywhere near your computer or business. Just clicking on the wrong email attachment or website link can infect your computer. These malware programs lay in wait, then capture your data and send it off to hackers unknown anywhere in the world. If you want to spend some time checking your own computers, I wrote an article outlining many of the in-depth steps used every day to detect and remove the sneakiest malware: http://www.npgcomputers.com/malware-removal-secrets-revealed-page-1/
So far we’ve only discussed business and government cyber security. There are far more home wireless routers that are using the same insecure wireless settings and have untold amounts of malware doing dubious things with sensitive personal data.
So what are some solutions?
For wireless, you can make things a little more difficult for the casual hacker by:
- Enabling Proper Wireless Encryption
- Disabling WPS
- Making the SSID’s hidden
- Changing the SSID’s
- Using strong complex passwords
- Changing the default admin password on the router
- Educating employees about wireless hacker methods
- Engaging a 24×7 cyber security remote monitoring service to keep an eye on router and computer security logs and alerts, and keep everything updated.
- Keeping Windows, Flash and Java patched and updated. That plugs many security holes.
- NEVER run your machine as an administrator. Set up a standard user account and make it prompt you when it needs administrator privileges. This will keep you from getting infected by MANY malicious websites.
- Having your computers put through an in-depth scan every 6 months by experts in malware detection and removal. Today’s malware is very invasive and requires advanced techniques to thoroughly find and remove.
- Engaging a remote security monitoring company that can keep an eye on new infections in real time, taking action as needed.
For web based email, Facebook, Twitter and other online accounts:
- Be sure to enable 2 step authentication. This really puts a dent in a hackers ability to take over your online accounts.
- Use complex passwords.
- Don’t use an open hotspot to check the accounts. Open hotspots make it much easier for hackers to listen in and capture passwords.
- Use different passwords for each account.
These are just a few of the things needed to increase your protection level against so many ever present cyber threats. The list is long and ever evolving as the technology changes and hackers develop new ways to steal.
I hope this report sheds some light on many of the current cyber security issues that threaten our livelihood and how to deal with them. Do you have a security incident that has affected you or your company? If you can share it with us we will remove the confidential details and include it in our next article. It might prove very insightful to others. Send me an email at email@example.com.
In the next cyber security article we’ll talk about:
- The dangerous Evil Twin router
- The infamous CryptoLocker ransomware
- Phishing Attacks that con you into divulging private information
- Keyloggers that steal passwords
- How your company website may not be secure
- Smartphones – Protecting them from Malware
- And a recommended list of security minded, high performance wireless routers
Do you have concerns about your companies state of cyber security? Our security team helps organizations small and large stay safe from today’s nastiest hackers and avoid disaster.
What we do:
- Make your Wireless Routers more secure
- Cleanup and Secure Malware Infected Computers
- Reduce the installation rate of new Malware threats
- Provide a “2nd Set Of Security Eyes” to compliment your I.T. department
- Train your employees to spot potential security issues
- Perform external and internal penetration testing to search for new and unknown ways that Hackers/Data thieves might get into your network – then secure them and lock the door.
- Work daily on the digital front line protecting clients from new threats, malware and data thieves
Questions or concerns? Contact me anytime:
Connect with me on LinkedIn: www.linkedin.com/in/daviddubree
Follow me on Twitter: @daviddubree
NPG Computers – Find us on Facebook and Twitter