Friday, November 07, 2014

Public Wifi Security Risk

I will be on a panel discussing the security of public WiFi services, on Radio 2CC Canberra, 10:30am Sunday, 9 November 2014. This is timely as news reports indicate that the Australian Signals Directorate (ASD) is warning of increased risk of hijacking public wifi networks during the G20 summit next weekend. Even though the G20 is in Brisbane, Canberra makes an attractive target for attack, as the seat of national government and with many public servants, security and military personnel based here.

So far the CBRfree Public WiFi Service covers the central Civic area of Canberra's CBD. The plan is to have 745 access points at a cost of $3.1M. The major security issue with public WiFi is "SSID spoofing" of hot-spots: someone sets up what appears to be the public hot-spot (same network name), but it is a private system which reads the traffic before passing it on to the public network.

iiNet warns users about "SSID spoofing" when they access the real system (see "Wi-Fi security flaw for smartphones puts your credit cards at risk", The Guardian, Tuesday 26 April 2011, or "Secure user-friendly Wi-Fi access point joining" for a more technical explanation). The system also looks for "pirate" wireless access points. iiNet also stresses that online security is important, and recommends that users encrypt sensitive information, maintain strong passwords (and change them regularly), and keep anti-virus software and operating system patches up to date. They also seem to be warning against using the service for on-line banking (which would be prudent).

Apart from the security of the user there is the issue of security problems caused by access to anonymous WiFi. Those with criminal or terrorist intent could use the public WiFi network for planning or conducting illegal activities. As they are not required to register for the service, it will be more difficult for security services to trace their activities.

The CBRfree service is run by iiNet and paid for by the ACT Government, with no charge to users for 250 megabytes per day. The service is provided, in part, to attract tourists and reflect the image of a high-tech city. However, just one serious security incident with the system could undermine Canberra's image as a safe and secure place to visit and do business.

There is an additional public WiFi service available in Canberra: EduRoam. This provides WiFi access on campuses of participating universities worldwide. In Canberra, EduRoam is available at the Australian Catholic University (ACU), Australian Defence Force Academy (ADFA), Australian National University (ANU), University of Canberra and CSIRO. EduRoam users have a user ID and password, but these are encrypted before transmission to their home institution for authentication (using the 802.1X Network Access Control Standard). This is more secure than having a web page where the user types in their password.
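As an added illustration (not from this post or from eduroam itself) of what the 802.1X login looks like on the user's device, here are two wpa_supplicant network blocks for an eduroam-style EAP-TTLS connection. The realm example.edu, the user name, the CA certificate path and the RADIUS server name are placeholders. The point is that 802.1X only keeps the password off the air if the device also checks the authentication server's certificate; without that check a spoofed "eduroam" hot-spot can still complete the handshake and collect the credential exchange.

```conf
# Added example: wpa_supplicant blocks for an eduroam-style 802.1X login.
# Realm, user name, CA path and server name below are constructed placeholders.

# WEAK: no CA certificate and no server-name check. The supplicant will
# build the EAP-TTLS tunnel with ANY server that presents a certificate,
# so a spoofed "eduroam" access point can terminate the tunnel itself and
# record the inner MSCHAPv2 exchange. Shown for contrast only; do not keep
# a block like this in a real configuration, or the client may fall back to it.
network={
    ssid="eduroam"
    key_mgmt=WPA-EAP
    eap=TTLS
    phase2="auth=MSCHAPV2"
    identity="jsmith@example.edu"
    password="placeholder-password"
}

# CORRECTED: pin the issuing CA and the RADIUS server's name, and send only
# the realm (not the user name) in the unencrypted outer identity.
# A rogue access point cannot present a certificate that chains to this CA
# for this name, so the tunnel is refused and the password never leaves
# the device.
network={
    ssid="eduroam"
    key_mgmt=WPA-EAP
    eap=TTLS
    phase2="auth=MSCHAPV2"
    anonymous_identity="anonymous@example.edu"
    identity="jsmith@example.edu"
    password="placeholder-password"
    ca_cert="/etc/ssl/certs/example-edu-radius-ca.pem"
    domain_suffix_match="radius.example.edu"
    priority=10
}
```

The same distinction applies to a captive-portal web page: there the password is only as safe as the TLS certificate of the portal, and the spoofed hot-spot controls which portal the user sees.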

Telstra is also installing 30 Wi-Fi hotspots in Civic. Telstra can afford to provide the service at no charge to the government, as it is part of the Fon service. Fon customers pay for access to this service, while Telstra broadband customers have free access (in return for letting Fon users share their home broadband WiFi). The Fon system requires user IDs and passwords, but does not use the 802.1X standard and so is not as secure as EduRoam. BT offers the Fon service in the UK, but suggests subscribers use a Virtual Private Network (VPN) to improve security when using the public hotspots.
