Download Here - Bkav Corporation

RESEARCH
SECURITY OF FREE WIFI
in Vietnam cities
December 2014
Security of Free WiFi in Vietnam Cities
Contents
Problem Statement
Research Methodology
  1. Research timing and venues
  2. Research scope
  3. Research implementation
Key Findings
  1. MitM risk
  2. Phishing risk
  3. Risk for SSID Spoofing
Conclusion and recommendation
  1. On providers’ side
  2. On users’ side
Appendix
About Bkav
Bkav Corporation
Problem Statement
In 2012, Hoi An became the first city in Vietnam to offer free WiFi. Subsequently, a
series of tourist cities and other destinations nationwide, such as Ha Long, Da Nang,
Hue, Hai Phong, Da Lat and Tam Dao, rolled out free WiFi coverage, making it easier
for local people and tourists to access the Internet. Ha Noi and Bac Ninh are pursuing
such projects, but they are still in the implementation process.
The apparent advantage is that local people and tourists can connect to the Internet
easily and without any charge. However, from practical experience, Bkav’s researchers
assess that users of free WiFi could face various information security risks. The wide
coverage of free WiFi in cities means that the number of free WiFi users jumps and
changes continuously; the threats consequently increase. Meanwhile, although data
leaks happen daily, users’ awareness has not improved.
Given this situation, Bkav carried out practical research on the security of using
free WiFi in tourist cities and areas in Vietnam. The research aims to help users
understand the risks of using free WiFi and to make proper recommendations to users.
Research Methodology
1. Research timing and venues
We decided to carry out the research in all tourist cities and areas covered by free
WiFi nationwide. At the start of Bkav’s research, 7 localities were offering this
service: Hoi An, Ha Long, Da Nang, Hai Phong, Tam Dao, Hue and Da Lat. However,
according to our information, in Hue and Da Lat free WiFi was only offered during
the Festival (Hue) and the Culture and Tourism Week (Da Lat). After such events, free
WiFi would be removed or become inaccessible. Therefore, we decided to do the research
in 5 tourist cities and areas: Hoi An, Ha Long, Da Nang, Hai Phong and Tam Dao.
The research was carried out from August to November, 2014.
2. Research scope
In Bkav’s experience, the 2 major, high-risk threats to free WiFi users are
Man-in-the-Middle (MitM) and Phishing attacks. In addition, the SSID Spoofing
attack is also noteworthy. We decided that these would be the 3 subjects of the research.
Technically, MitM takes advantage of the way the ARP protocol works to impersonate
the Gateway on the network and “eavesdrop” on users. Meanwhile, the Phishing
technique involves setting up a fake website and performing DNS attacks to redirect
users and trick them into accessing it.
Image 1: Illustration of a hacker attacking the transmission line
In order to perform a real-world check of free WiFi systems, we used 2 computers.
Computer A played the role of the user, connecting to free WiFi and using the Internet
normally. Computer B played the role of the attacker, also connecting to free WiFi and
using prepared tools to attack the target (Computer A).
The specialized tools used by Bkav on the attacking computer could: take advantage of
ARP Poisoning to scan the network and then listen in on normal HTTP data; mimic
HTTPS sites, combined with DNS Poisoning, to deceive users; and create fake WiFi.
3. Research implementation
After making a detailed plan, preparing infrastructure and selecting venues and
timing, Bkav’s researchers carried out the research in person at the selected areas.
The practical research was implemented in 2 steps: connecting to free WiFi and testing
the attacks.
Step 1: Connecting to free WiFi
In Hai Phong City, the Central Flower Garden was chosen to start the research.
According to information provided by the media, this was one of the three areas with
the strongest WiFi in Hai Phong. However, after connecting successfully, we found that
the WiFi there was quite unstable and frequently disconnected. A survey of some local
people showed that the majority either did not know about the free WiFi or knew about
it but did not use it. All surrounding cafés had their own WiFi hotspots and did not
use the city’s free WiFi.
We decided to examine another destination – the City Conference Center. The quality of
free WiFi there was relatively stable and thus we carried out the research as planned.
In Da Nang, the investigated sites had stable WiFi, including the area along the Han
River, Bach Dang Street, Tran Phu Street… With the experience gained in Hai Phong, the
research process in Da Nang went relatively smoothly, and the number of free WiFi
users in Da Nang was higher. After connecting, people there could use it for up to 1 hour.
In Hoi An – Quang Nam, there were no disconnections or time limits.
However, access speed was quite slow.
In Ha Long, we tried to connect to free WiFi at three places: the City Administration
Center, Kenh Liem Intersection and Hon Gai Post Office. According to information
from the mass media, users can use free WiFi to access some portals of the province,
but they are charged when accessing other websites. However, at the time of the
survey, we could not access free WiFi although the WiFi speed was medium. We
contacted the City Post Office to buy a WiFi card, but the employees informed us that
they did not provide this kind of card.
The next research venue was the Tam Dao tourist area (Vinh Phuc). Here, the speeds of
the 2 free WiFi networks, TAMDAO_WIFI_FREE and TAMDAO_WIFI_FREE1, were average,
sometimes slow. Users connecting to these 2 WiFi networks did not need an
account or password. Therefore, our attack testing was carried out
relatively easily. However, scanning found fewer victims than in Hai Phong and
Da Nang because the WiFi provider had applied a security measure.
Except for Ha Long, the strong point of the free WiFi networks in the other cities was
that providers offered detailed guidance so that visitors and local people could use
them easily. Through information portals such as HaiPhong.gov.vn, WiFi.DaNang.gov.vn,
VinhPhuc.vnpt.vn… users could connect to WiFi with a publicized account and
password.
Image 2: Accessing free WiFi easily with detailed guidance
Image 3: Welcoming page appears when users connect to free WiFi in Tam Dao
Step 2: Testing attacks
In each place, our researchers tested 3 forms of attack: MitM, Phishing and SSID
Spoofing, then analyzed the data obtained and drew conclusions.
With MitM, the attacked computer accessed websites using HTTP (unencrypted
information) such as HaiPhong.edu.vn, DaNang.edu.vn... Meanwhile, the attacking
computer, also connected to the same WiFi, used prepared tools to eavesdrop on
information sent from the victim computer.
Compared with MitM, Phishing is more sophisticated, and we applied this form to an
encrypted service (HTTPS). The selected service was Facebook. This is a social
network with a huge number of users, and it is especially popular at tourist
destinations for checking in, posting newly taken photos or sharing feelings with
friends. A fake Facebook page using HTTP was crafted on the hacker’s computer.
Image 4: Fake Facebook page on hacker’s computer
Then, through DNS Poisoning, the hacker’s computer directed users to the fake Facebook
page, provided that victims did not notice the unusual signs in their browser.
To test the SSID Spoofing attack, we set up a WiFi hotspot and
gave it the same name as the free WiFi (HaiPhong@WiFi, DaNangWiFi,
HoiAnNet_MegaWiFi…). The next step was to wait for connections from victims.
Image 5: Broadcasting fake WiFi to deceive users
Key Findings
1. MitM risk
The findings showed that 100% of the data from victim computers was eavesdropped, and
unencrypted data appeared in plain-text form, which was easy to read.
Image 6: HTTP information eavesdropped via free WiFi networks in Hai Phong and
Da Nang
Image 7: Finding from test attack in Tam Dao
As the above images show, information such as the Username – Password combination,
session, cookie and UID of the victim was disclosed when accessing HTTP websites.
This is understandable, because it stems from a vulnerability in the design of ARP
(Address Resolution Protocol) that allows attackers to assert the MAC and IP address
pairing of a device on the network. A device that wants to connect to the free WiFi
has to determine the IP and MAC address of the Gateway. The attacking computer spoofs
the MAC address of the Gateway on the same WiFi, and then eavesdrops on information
from the victims.
This vulnerability in the ARP protocol can only be fixed in small-scale WiFi networks,
where the number of users is not high and admins can configure the system to
recognize specific MAC and IP combinations. This is impossible with free WiFi, which
has a huge and frequently changing number of users.
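One way a client can watch for the Gateway impersonation described above, as an added example that is not part of Bkav's report or tooling: it compares successive `arp -an` snapshots (Linux output format assumed) and flags a changed Gateway MAC or a Gateway MAC shared with another host. The addresses and function names are constructed for illustration.

```python
import re

# Matches Linux `arp -an` lines such as:
#   ? (10.0.0.1) at 00:11:22:33:44:55 [ether] on wlan0
ARP_LINE = re.compile(r"\((\d+\.\d+\.\d+\.\d+)\) at ([0-9a-fA-F:]{17})")


def parse_arp_table(text):
    """Return {ip: mac} for one `arp -an` snapshot (MACs lower-cased)."""
    return {ip: mac.lower() for ip, mac in ARP_LINE.findall(text)}


def find_arp_anomalies(snapshots, gateway_ip):
    """Flag signs of Gateway impersonation across successive ARP snapshots."""
    findings = []
    baseline = None  # Gateway MAC from the first snapshot that contains it
    for index, text in enumerate(snapshots):
        table = parse_arp_table(text)
        gw_mac = table.get(gateway_ip)
        if gw_mac is None:
            continue
        if baseline is None:
            baseline = gw_mac
        elif gw_mac != baseline:
            findings.append((index, "gateway-mac-changed", baseline, gw_mac))
        # Heuristic: a host answering for the Gateway usually also answers
        # for its own IP with the same MAC, so two IPs share one MAC.
        sharers = sorted(ip for ip, mac in table.items()
                         if mac == gw_mac and ip != gateway_ip)
        if sharers:
            findings.append((index, "gateway-mac-shared", gw_mac, ",".join(sharers)))
    return findings


# Constructed sample snapshots (not captured from any real network).
SNAPSHOT_CLEAN = """\
? (10.0.0.1) at 00:11:22:33:44:55 [ether] on wlan0
? (10.0.0.23) at 66:77:88:99:aa:bb [ether] on wlan0
"""
SNAPSHOT_POISONED = """\
? (10.0.0.1) at 66:77:88:99:AA:BB [ether] on wlan0
? (10.0.0.23) at 66:77:88:99:aa:bb [ether] on wlan0
"""

if __name__ == "__main__":
    for finding in find_arp_anomalies([SNAPSHOT_CLEAN, SNAPSHOT_POISONED], "10.0.0.1"):
        print(finding)
```

The baseline is trust-on-first-use: if the cache is already poisoned in the first snapshot, only the shared-MAC check can fire.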
2. Phishing risk
From the research we can see that, even with encrypted services (using the HTTPS
protocol), information can still be eavesdropped if users are attacked by Phishing.
Image 8: “Facebook” using HTTP instead of HTTPS as normal
As in the above example, if users did not pay attention to the changes in their
browser and clicked on “Log in”, their unencrypted account and password credentials
would immediately be sent to the hacker’s device.
Image 9: Diagram of Phishing attack
In fact, the financial, economic and social websites that are commonly accessed today
are easily faked as HTTP websites. The risk of information leaks caused by users
carelessly using a fake service is very high.
3. Risk for SSID Spoofing
With this kind of attack, once victims connect to the fake WiFi, MitM and Phishing
become much simpler. On the hacker’s computer, we only need to turn on some special
tools to read the packets and analyze the results obtained from victims.
Image 10: Diagram of WiFi SSID Spoofing
In our practical experience, users can hardly tell real WiFi from fake
WiFi. A small tip is that if the free WiFi suddenly becomes stronger, users should be
suspicious. The free WiFi is usually not strong, only 60%-80%. Meanwhile, attackers
using this form must get close to victims, so the fake WiFi is often at “full” strength.
Comparison between true WiFi and fake WiFi:
Image 11: Compared with true free WiFi (left), fake WiFi (right) is often at “full”
strength
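The signal-strength tip above, turned into a check over successive scan passes (an added example, not part of Bkav's report): a BSSID that was not seen before and is markedly stronger than every access point previously seen for the SSID is flagged. The scan tuples, BSSIDs, signal values and the 15-point threshold are constructed assumptions; only the SSID name comes from the report.

```python
def flag_suspect_aps(scans, ssid, jump=15):
    """Flag new, unusually strong access points advertising `ssid`.

    scans: list of scan passes in time order; each pass is a list of
           (ssid, bssid, signal_percent) tuples.
    Returns (pass_index, bssid, signal, previous_best) for every BSSID that
    first appears after earlier passes and beats the strongest signal seen
    so far for this SSID by at least `jump` percentage points.
    """
    seen = {}       # bssid -> strongest signal observed in earlier passes
    suspects = []
    for pass_no, results in enumerate(scans):
        prior_best = max(seen.values(), default=None)
        current = {}
        for name, bssid, signal in results:
            if name == ssid:
                key = bssid.lower()
                current[key] = max(signal, current.get(key, 0))
        for bssid, signal in sorted(current.items()):
            is_new = bssid not in seen
            if is_new and prior_best is not None and signal - prior_best >= jump:
                suspects.append((pass_no, bssid, signal, prior_best))
        for bssid, signal in current.items():
            seen[bssid] = max(signal, seen.get(bssid, 0))
    return suspects


# Constructed scan passes: two access points at typical strength, then a
# third BSSID with the same name appears at full strength.
SCANS = [
    [("DaNangWiFi", "02:00:00:00:00:01", 72), ("DaNangWiFi", "02:00:00:00:00:02", 64),
     ("CafeGuest", "02:00:00:00:00:10", 95)],
    [("DaNangWiFi", "02:00:00:00:00:01", 70), ("DaNangWiFi", "02:00:00:00:00:02", 66),
     ("DaNangWiFi", "02:00:00:00:00:99", 100)],
]

if __name__ == "__main__":
    for suspect in flag_suspect_aps(SCANS, "DaNangWiFi"):
        print(suspect)
```

A city-wide network legitimately uses many BSSIDs for one SSID, so a flag here is a prompt to investigate rather than proof of spoofing.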
Conclusion and recommendation
From the above research, it can be seen that the risk for free WiFi users is real. The
frightening thing is that you cannot tell whether or not a hacker is using the same
WiFi as you. Eavesdropping and information theft happen silently and
can hardly be detected.
From the practical research, Bkav has the following recommendations:
1. On providers’ side
In terms of security, some methods applied by the WiFi providers, such as time
limitation (in Da Nang) or IP change after a period of usage (in Hai Phong), are not
effective. A number of current techniques against eavesdropping on traffic are only
practical for small-scale WiFi and particular users. Large-scale free WiFi coverage
creates security risk; therefore, the providers should give recommendations to the
users of their free WiFi.
2. On users’ side
Bkav has the following recommendations for users accessing free WiFi:
- Do not carry out financial or banking transactions or read email... while using free
  WiFi. If it is necessary, users should use a VPN to ensure safety.
- Users who often use free WiFi need to pay attention, because current
  devices have an automatic connection function, which is very dangerous if a
  hacker fakes the WiFi. A solution is to choose “Forget Network” after each
  use, or to set the device not to connect without the user’s consent.
- Use antivirus software and a firewall to protect users’ devices.
- Disable the file sharing feature on the device, or only share after setting
  permissions for particular accounts, to prevent information leaks when connecting to
  free WiFi.
Appendix
(1) Man-in-the-Middle attack (MitM): A form of attack in which an attacker on
the line plays the role of an intermediate computer in the exchange of
information between two computers, two devices, or between a computer and
the server, in order to eavesdrop on sensitive data, steal information or
change the data streams exchanged between the victims.
(2) Phishing attack: An attack using e-mails, messages… that pretend to originate
from a trusted source to trick users into entering credentials such as
username, password, credit card… at a fake website.
(3) Address Resolution Protocol (ARP): A protocol for mapping an Internet
Protocol address to the physical machine address of a computer (MAC
address).
(4) ARP Poisoning: A type of attack that affects messages between
computers in a LAN. After exploiting it successfully, the attacker can direct and
force such messages through the hacker’s computer, and then control or change
messages or carry out a DoS attack.
(5) The domain name system (DNS): The system that establishes the correspondence
between IP addresses and domain names.
(6) DNS Poisoning (or DNS Cache Poisoning): An attack technique that
deceives a computer into believing that the domain resolution information it
received is trusted. Once the computer is “poisoned”, the user is directed to the
fake server when accessing a domain name.
(7) UID (User Identification): A string of characters used by services to identify
the user.
(8) SSID (Service Set Identifier): A string of characters used to identify a WiFi.
(9) SSID Spoofing: The technique of spoofing WiFi by covering the real WiFi and
setting the SSID to the same name as the real WiFi.
(10) Gateway: The network point that acts as an entrance to another network.
(11) Virtual Private Network (VPN): A private network connecting the
computers of a company, corporation or organization through the public
Internet.
About Bkav
Established in 1995, Bkav Corporation is the leading firm in network security,
software, smartphone manufacturing and smarthome. In the field of network security,
Bkav’s antivirus and mobile security software is present in more than 100
countries all over the world. The leading technology research and advisory firm
Gartner has listed Bkav among "Cool Vendors in Emerging Markets".
Bkav has preeminent security experts. The corporation is known as the security firm
that discovered the first critical flaw in Google Chrome just days after its launch in 2008.
Bkav was also the firm that traced the master server in Britain behind the
unprecedentedly massive DDoS attacks targeting US and Korean governments' websites in
July, 2009.
Bkav Corporation is known as a manufacturer of security appliances such as the intrusion
prevention system Bkav Network Inspector, Bkav Antispam GW and Bkav WebSecurity
Scan. Bkav also provides collaboration software products (messenger, workflow
management, mail, video conference).
In the electronics industry, Bkav is a smartphone and smarthome manufacturer. With
Bkav SmartHome, all equipment in your house is connected and controlled
automatically based on smart context scenarios via touch screen or tablet, hence
creating a convenient, safe and energy-saving living environment.
Contact Information
Bkav USA
800 El Camino Real, Mountain View, California, 94040
Telephone: (+1) 202 386 6779
Website: www.bkav.com
Email: [email protected]