Saturday, 4 April 2020

WI-FI HACKING : A GROWING PROBLEM IN ZIM


Ever wondered why your home or office Wi-Fi bundles run out so fast? Most probably they would have been depleted by someone who would have hacked into your network.

At home, one of the tell-tale signs is that a number of people are always milling outside your yard, engrossed on their phones or tablets and others even audacious enough to use their laptops.

Wi-Fi hacking is essentially cracking the security protocols in a wireless network, granting full access for the hacker to view, store, download, or abuse the wireless network. Usually, when someone hacks into a Wi-Fi, they are able to observe all the data that is being sent via the network. An unauthorised person using your wireless network would be able to see pretty much everything you do online.

Hacking these systems according to an information and communication technology (ICT) expert, Ms Victoria Ngono is easy as the entry, a password, only takes guess work, free hacking software or obtaining it from a family member. 

“There are a number of ways in which hackers do this and the most popular is using a Wi-Fi password key revealing software that enables hackers to see a list of all passwords associated with a certain network. Unfortunately, this software is readily available online at no cost to all who wish to use it. Other hackers simply take advantage of the lack of strong passwords on our Wi-Fi devices to ‘guess’ what the password could be. Therefore, it is best to avoid using pet names and common names of individuals as passwords,” said Ms Ngono the executive director of Girl’s in Stem Trust.

For example, if you are Mr Ndlovu, a weak password like Ndlovu123 would be easy for miscreants to guess.

In the city centre, there are many mobile hotspots offered by Zol, TelOne and Econet, that have been set up and people are seen face down engrossed in their phones as they browse social media. Some of the people who mill around these Wi-Fi spots are actually hackers breaking into systems from surrounding private networks.

When one moves around, with the Wi-Fi function of their phone on, they are able to catch numerous signals of the wireless networks for many businesses and hackers target those signals. 

Ms Ngono said there were many signs that indicate that one’s wireless network has been compromised.

“The most common sign and the most obvious one is that a hacked Wi-Fi always makes the Internet connection a lot slower, as someone else might be using your Wi-Fi to surf the web. Another sign to look out for is to check if the router’s activity is still blinking after turning off the devices in your house or offices that are using Wi-Fi. If the light still continues to blink, it means that some unauthorised person is using your Wi-Fi,” said Ms Ngono.

It’s not only about someone being able to bum off your Wi-Fi, but it’s also about security of your information as if they can get on it so easy, they can take out anything.

These are some of the dangers that can befall any organisation or individual. Any stored information on your browser (like stored passwords and webpage history) which is usually confidential can be compromised if it falls into the hands of hackers. Any sensitive financial information accessed or saved or stored in your browser can also reach the public domain if a hacker infiltrates your network. “Furthermore, hackers are also able to alter any online content that you see. With all the information collected from your compromised Wi-Fi, hackers can use your information for their own personal needs. They can either sell it, impersonate you or even take money out of your bank account without you noticing,” said Ms Ngono.

Having complex passwords that combine capital letters, small letters and symbols or numbers is one way of protecting oneself from hackers.

Passwords should be kept secret as an additional precaution. 

“Whether you are at the office or at home make sure that your router does not broadcast your ID information. This can be done by changing your network’s SSID (service set identifier or Wi-Fi name) to make personal information invisible and allowing only authorised devices to connect to your router. It may be wise also to use a Virtual Private Network popularly known as a VPN to create a private, dedicated tunnel for all your information to pass through which provides an extra layer of protection for your data making it difficult to access. Overall employing strong encryption methods really is one of the best, if not the best ways to ensure security while online,” said Ms Ngono.

After getting Wi-Fi passwords, hackers can access essential passwords and hit organisations through ransomware. Hackers access the network, retrieve the information and threaten to publish it unless the victim gives them ransom money.

In 2017 the Harare Institute of Technology (HIT) was allegedly hit with a cyber-attack where a hacker gained access to their passwords and locked them out of their systems. The individual behind the hack demanded 1 000 Bitcoins (that now cost over US$6 million), a cryptocurrency that is hard to trace if one pays them. It was never revealed how HIT resolved the issue.

The New York Times reported recently that hackers are locking people out of their networks and demanding big payments for them to get back in. The hacker locks you out of the network through encryption keys and upon paying them the required amounts money they give you the keys to unlock your information.

According to the paper, the frequency of ransomware attacks — among the scariest and most costly online assaults — has been hard to pinpoint because many victims quietly pay off their attackers without notifying the authorities.

In Zimbabwe, what happens when one is caught stealing information off your network?

Ms Ngono said the Cybercrime, Security and Data Protection Bill, when passed into law, will assist.

Cabinet approved the Bill in October last year and it is expected in Parliament soon. “The Bill clearly defines what is regarded as a crime committed in cyberspace. Strong punitive measures, however, need to be highlighted as a deterrent to those encroaching on to networks without authorisation to avoid these crimes,” she said. 

She said when the law is enacted, it is important to highlight that just because these crimes are committed virtually does not in any way lessen their extent and gravity.

“Data has become a very valuable and lucrative resource in the age of the Fourth Industrial Revolution as evidenced by the number of organisations investing in it for improved, effective and efficient business operations, so it is of paramount importance that it is protected,” said Ms Ngono.

The problem in enforcing the law, according to a prominent ICT expert, Mr Robert Ndlovu will likely be that police appear to lack the training to investigate computer-related crime.

“When I said that in 2016, I had seen the deficiencies in the system. Fast-forward to today, I still have the same misgivings with regards to the cybercrime preparedness of our security forces. There’s not many of them that have hands-on experience and this in a digital world is a problem,” said Mr Ndlovu. Chronicle

0 comments:

Post a comment