You are here: Home » Economy & Policy » News
Business Standard

Mumbai police plug Wi-Fi security holes

Makarand Gadgil & Leslie D'Monte  |  Mumbai/New Delhi 

The Mumbai police, along with a group of enthusiastic citizens formed by Mumbai’s sheriff Indu Shani, combed commercial complexes, malls, office buildings and residential premises in south and south-central Mumbai to identify and get rid of unsecured Wi-Fi (Wireless Fidelity) connections in the city following terrorist attacks last year.

Terror mails were sent via unsecured Wi-Fi connections before the Delhi and Ahmedabad serial blasts. The mail sent before the Ahmedabad blasts was traced to the residence of a US national Kenneth Haywood in Navi Mumbai and the mail sent before the Delhi blast was traced to the unsecured Wi-Fi network of Chembur-based Kamran Powers Control Pvt Ltd.

Since the range of Wi-Fi is 300 feet plus, someone can create a Wi-Fi network at a cost of less than Rs 2,000 an hour. That is why using anonymous Wi-Fi is a very bad idea, explained Vijay Mukhi, an internet expert and head of IT for the Federation of Indian Chambers of Commerce and Industry (Ficci). “We are the only city in the world where terror e-mails have been sent using anonymous Wi-Fi. We have seen their misuse and yet do not want to secure our Wi-Fi,” he asserted.

Mumbai alone is believed to currently have over 30,000 unsecured or anonymous Wi-Fi connections. This drive will continue till all such connections are found and citizens are educated on the issue. However, citizens cooperation is must, Mukhi added.

Additional Commissioner of Mumbai Police K Venktesan told Business Standard: “If the Wi-Fi connection in a particular place is not password protected or secured then the policemen accompanying the squad will have the authority to issue a notice to the owner of the connection directing him to secure it."

The police could issue a notice under section 149 of the Criminal Procedure Code (CrPC) to anyone found not securing their Wi-Fi connection and user may face criminal investigations.

Around 80 police personnel were given training by the police authorities to become conversant with Wi-Fi connections as well as cybercrime.

Around 100 enthusiastic volunteers joined the sheriff's squad which mostly consisted of college students. The drive went on till late in the evening.

The question, though, is that in most parts of the world, people can walk into a hotel room, coffee shop or even a park, open one's laptop or mobile phone and get access to an anonymous (unsecured) internet connection using Wi-Fi or wireless networking. So why is Mumbai rejecting the same concept?

The city of London is a case in point, Mukhi explained. It is known as the city of steel as it has over 15,000 cameras installed in all parts of the city. An average visitor gets caught on camera over 300 times a day. The surveillance does not stop there, all this video is saved and analysed by software called Video Analytics to check whether the behaviour of any individual follows any suspicious patterns or not.

None of this back up is available to law enforcement in India. "So if you walk into a cybercafé or coffee shop and send, say, an terror email of the type sent from Mumbai some months ago, at least a dozen cameras would have caught you in most cities of the world. Unless our cities have camera cover, in our view anonymous Wi-Fi must be banned by law and this is what the IT Act Amendment suggests," he explained. Terrorists, he added, would use mobile phones to talk to their handlers outside the country. Therefore, the country must be ready with either interception equipment or mobile phone jammers to either intercept calls or block/jam their calls.

"We can only intercept and listen in if we have the phone numbers they are using. Normally they would take hostages and use their phone numbers to communicate and hence the police will no choice but to use over the air interception and listen to all calls originating from an area before they can pinpoint the actual numbers used," Mukhi added.

Mukhi also wants the state and Centre to use the new Amendments to the IT Act to make sure that anonymous Wi-Fi is a relic of the past. "Section 69A is just what the doctor ordered and we believe that this section is there to make sure other people should not be allowed to misuse a computer resource. The jail term is pretty stiff -- seven years. There is no reason for anyone to have a unsecure network as other than the bad guys nobody else benefits," he said.

First Published: Tue, January 13 2009. 00:00 IST
RECOMMENDED FOR YOU