Wi-fi is ubiquitous. The technology can be an easy back door for hackers to access a computer through online tools that anyone can learn to use. The global cybercrime bill now tops €700bn and will keep rising. To find out the security of Maltese Wi-Fi networks Kurt Mahoney (supervised by Prof. Ing. Victor Buttigieg) mapped out around 70% of the island’s built-up areas.
Mahoney first carried out in-house testing on Wi-Fi security protocols. He then formulated security categories depending on ease and speed of access to a private network. For example, the WEP (Wired Equivalent Privacy) security standard could be cracked in less than one minute (irrelevant of password complexity). On the other hand, the WPA2 (Wi-Fi Protected Access II) security standard with AES (Advanced Encryption Standard) grade encryption and a twelve-character random alphanumeric password was virtually impossible to crack using brute force techniques.
Setting up a car with several Wi-Fi antennas, he then travelled a preplanned route through all the Maltese villages, apart from Mdina. Private security protocols were noted from automatic Wi-Fi transmissions, however he avoided conducting cracking or penetration testing. Mahoney then created a security map for the Maltese Islands from 64,317 observed private networks. Forty percent of private Wi-Fi networks in Malta were very vulnerable to hacking that increased to 90% if using more sophisticated attacks.
Wi-Fi security was poor all over the Island, with Western and South Eastern districts having marginally lower security. Malta needs a nationwide awareness campaign to increase the security levels of Wi-Fi networks. Top-notch security can be setup in a few minutes. All modern routers support military grade AES encryption standards, and together with a proper password policy one would render a Wi-Fi network almost invulnerable to direct attack.
This research was presented at the fourth Workshop in Information and Communication Technology (WICT). It was performed as part of a B.Sc. (Hons) in ICT at the Faculty of ICT and part sponsored by the Malta Communications Authority. It was shortlisted for the Chamber of Engineers’ Best ICT Student’s Project Award.