Cybercrime

Computer crime, or Cybercrime, refers to any crime that involves a computer and a network and is criminal exploitation of the Internet.

These crimes are committed with a criminal motive to intentionally harm or cause financial loss to the victim, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and computing devices (phones, tablets, computers etc.).

The cost of cybercrime is increasing dramatically. A recent American survey puts the global cost of cybercrime at $400 billion to $575 billion annually. Why is this? Whilst we do not understand all the dealings of the underworld, we do know something about connectivity. Some might consider mobile data roaming criminal or extortionate; one of our customers returned with a R760k mobile phone bill – our largest know “bill shock”. There are others too at R610k, R572k…..the list is endless.

Remember that SMEs are not the only target of hackers; corporate should beware, specifically now that hotel Wi-Fi hacking or “Dark Room” activities have been uncovered in a recent report by Kaspersky Lab. Also, it is not just money they are after – intellectual property is frequently stolen.

Cybercriminals gain relatively simple access to company documents and can then liberate the IP or the company cash! To illustrate the point, a local listed property group’s executive emailed a client a R980k rental invoice from a Public Wi-Fi hotspot whilst on holiday on the 4th January. This invoices was intercepted and the banking details changed. Only an diligent accounts clerk prevented the clients funds from being paid into the criminals account.

Amusingly, this Wi-Fi security vulnerability nearly cost the company more than his data roaming counterpart. However both will seem insignificant when compared to the executive that loses customers personal information.

The main provisions of the Protection of Personal Information Act (POPI) due to come into operation soon in South Africa, places business at risk of facing a penalty of R10 million or ten years imprisonment should protected data breaches occur. All companies will need to address any connectivity or security policies in this light during 2015.

What is your company policy regarding connectivity when out of the office. If they advocate the use of public Wi-Fi, they may want to reconsider this position.

Hotspot security

Security is a serious concern in connection with Hotspots.

Whilst it is difficult not to be too technical, there are three possible areas of attack:

First, there is the wireless connection between the client and the access point. This needs to be encrypted, so that the connection cannot be eavesdropped or attacked by a man-in-the-middle-attack.

Second, there is the Hotspot itself. The WLAN encryption ends at the interface, then travels its network stack unencrypted and then travels over the wired connection up to the BRAS of the ISP.

Third, there is the connection from the Access Point to the Internet Service Provider.

The safest method when accessing the Internet over a Hotspot, with unknown security measures, is end-to-end encryption. These are your typical corporate VPN clients. However, most mobile phones and tablets do not possess standard corporate protection or anti-virus measures.

Security Concerns

Some hotspots authenticate users; however, this does not prevent users from viewing network traffic using packet sniffers.

“Spoof” or alias naming, where users connect to intermediately web pages, before their information is passed to the destination webpages are very common and software is available for as low as $40 to allow hackers to set up these networks.

Some vendors provide a download option that deploys WPA support. This conflicts with enterprise configurations that have solutions specific to their internal WLAN.

Providers of public hotspot access may incur legal obligations, including privacy requirements and liability for use for unlawful purposes, depending on the jurisdiction. It will be interesting to see in terms of recent POPI legislation in South Africa, whether the onus will transfer to the Wi-Fi hotspot provider or remain with the user.

In order to provide robust security to hotspot users, the Wi-Fi Alliance is developing a new hotspot program that aims to encrypt hotspot traffic with WPA2 security. The program was scheduled to launch, but many delays mean this program is still many years away from providing any end-user protection.

Hotspot 2.0, also known as HS2 and Wi-Fi Certified Passpoint, is an approach to public access Wi-Fi by the Wi-Fi Alliance. The idea is for mobile devices to automatically join a Wi-Fi subscriber service whenever the user enters a Hotspot 2.0 area, in order to provide better bandwidth and services-on-demand to end-users, whilst also alleviating mobile carrier infrastructure of traffic overheads.

Hotspot 2.0 is based on the IEEE 802.11u standard, which is a set of protocols published in 2011 to enable cellular-like roaming. If the device supports 802.11u and is subscribed to a Hotspot 2.0 service it will automatically connect and roam. However device manufacturers and Wi-Fi Hotspot providers will need to update their equipment (and users their devices!) before this security measure becomes meaningful.