Was terrorist email sent from home user's unsecured wi-fi?

Anyone who has been following the international news in the last week or so will be aware of the horrendous bombings that have taken place in India.

Seven bombs exploded in Bangalore on Friday 25 July - a southern Indian city well known to many in the IT industry because so many well-known technology firms have located some of their operations or out-sourced services there.

The following day, a series of bomb blasts rocked the city of Ahmedabad. You may have seen the TV pictures of some of the carnage, including a blown-up bus. Tragically, scores of people have died as a result of this terrible action.

A number of TV news stations received an email five minutes before the first blasts in Ahmedabad, claiming responsibility for the imminent attacks. In the email a group called the Indian Mujahideen hinted at more attacks to come.

HP Singh, the joint police commissioner in Ahmedabad, confirmed to the media that the email was sent from an IP address located in Mumbai (formerly known as Bombay).

And now you can see why I'm talking about this on my blog. If the police can work out where in the world the email came from, maybe they can find the bombers, right? Well, maybe...

Last week, Kenneth Haywood, a US expat living in Mumbai, was questioned by anti-terror squad officials after it was determined that the email's IP address pointed towards him. Police seized his three computers, and several belonging to his neighbours, in an attempt to confirm who had sent the message to the news agencies.

According to the Times of India, computer forensics experts appear to be admitting that they have reached a dead end in their hunt for the originators of the email. Although Haywood's IP address was used, his computer and that of his immediate neighbours appear to carry no clues that the email was sent by them.

Most tellingly, it was found that Haywood's wi-fi internet access was not secure. In other words, it was not protected with passwords, meaning that anybody in the vicinity or passing close by could hop on board with a laptop or other wireless device and send a message via his internet connection.

We've talked before on the Sophos website about the importance of securing your wireless internet access in order to stop strangers abusing it. Criminals using your internet connection to send pornographic spam, download illegal materials, or gobble up your bandwidth is serious enough... but this takes things to a whole new level.

This case may be extreme and unusual, but it underlines the importance of ensuring that your wi-fi connection is properly secured, and cannot be used by strangers.

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations.