National / Crime & Legal

Wi-Fi hacker criminal case reveals risks faced by home users

by Shusuke Murai

Staff Writer

The nation’s first ever criminal case involving a hijacked wireless Internet connection came to light this month, prompting online security experts to warn that home Wi-Fi routers may be open to attack if not properly protected.

Users need to set a password and switch on encryption, or their network can be hacked within minutes by someone close enough to eavesdrop on the wireless signal, such as a user in an adjacent apartment, said Yuichi Nozawa, a consultant with the government-affiliated Information-technology Promotion Agency (IPA), a body that advises on digital security.

Cracking the security itself is relatively simple for one common form of encryption and can be done using free software.

The IPA delivered the warning last Friday, a day after the rearrest of a man suspected of tapping into a nearby Wi-Fi network in Matsuyama, Ehime Prefecture.

Hirofumi Fujita, 30, is separately on trial for allegedly stealing ¥16 million by obtaining online banking IDs and passwords as well as sending computer viruses to gain unauthorized remote access to other people’s computers.

Moreover, the agency warned that hackers can use hijacked wireless networks to hide their identities, leading “even ordinary people with no criminal intention” to become the main suspects in cybercrimes, Nozawa said Monday.

He said police sometimes identify suspects by the Internet access point used.

A further problem lies in the fact that it is not easy for ordinary users to detect if their network has been hacked, he said.

Many users remain unaware of the risks. In 2014, the IPA reported that more than 50 percent of households either had not set password protection on their home wireless network or were unsure whether it was active.

But even if a wireless network is password-protected, it needs to use a newer form of encryption, as older ones can be cracked fairly easily.

Older routers may offer Wired Equivalent Privacy (WEP) encryption as the default setting, which Nozawa said can be hacked. The alleged Ehime hacker is suspected of using this technique, deploying software that came as a free gift with an IT security magazine.

Instead, Nozawa recommends using Wi-Fi Protected Access II, better known as WPA2, a higher form of encryption and one usually offered by newer network devices.

The IPA recommends contacting manufacturers’ support teams to find out how to configure the security settings, as the procedure varies from device to device.

Coronavirus banner