Security

In Australia, Secure Your Wi-Fi -- or Face a Visit From the Police

If you live in the Australian state of Queensland and have an insecure Wi-Fi router, you may get a visit from the police.

In a bid to raise awareness about cybercrime, police in the northeastern state plan to "wardrive," or cruise the streets, scanning for Wi-Fi routers that are not password protected or use an aging, weak security protocol. (See "How to Lock Down Your Wireless Network.")

Australian consumers and businesses don't need to worry about a fine: Police just plan on distributing information in mailboxes about how people can better secure their routers.

Wardriving is a term that has been applied to hackers who drive around neighborhoods looking for open Wi-Fi connections. The dangers are well known: a router that is not password protected means traffic exchanged with the router is sent in the clear, which could easily be spied on.

Miscreants could also hop on the insecure network to send spam or conduct other illegal activity online, with the Wi-Fi router's owner on the hook for the activity.

Many cybercrime incidents are preventable if people have a greater awareness of how to protect themselves, said Detective Superintendent Brian Hay of the Queensland Police Service.

"It's all about getting the message out," Hay said.

Police are also warning people who have the WEP (Wired Equivalent Privacy) security protocol enabled, which was widely used in routers shipped between 2000 and 2005. The protocol can be cracked with easily available tools in minutes, and it is considered totally insecure even though it is still used.

Queensland police described using WEP as the equivalent of "using a closed screen door as your sole means of security at home."

Most router manufacturers today ship their products with security enabled by default. More recent routers use the WPA or WPA2 protocols, or both. WPA has known security issues but still is much safer than WEP. It is generally recommended to use WPA2.

Queensland Police, which ran a similar program in 2009, said it had identified a large number of homes and businesses in the greater Brisbane area that did not have secure Wi-Fi connections. The program is run by the State Crime Operations Command's Fraud and Corporate Crime Group.

Send news tips and comments to jeremy_kirk@idg.com

Subscribe to the Security Watch Newsletter

Comments