Eircom, the Irish ISP that agreed to disconnect alleged file-sharers at the behest of the music industry, has thousands of customers still exposed to a serious security hole. The flaw, which affects up to 250,000 subscribers, could mean they are wrongly accused of something they didn’t do. Thanks to Eircom, they may now lose their Internet connection.
Back in 2007, Eircom was supplying Netopia wireless broadband routers to its customers. Certain models (2247 and 3300) had only weak WEP encryption enabled, which is easily cracked if you know how. But even worse, the network encryption key supplied to the customer was an Eircom-generated one, a choice which was set to cause many potential security problems.
Unfortunately for Eircom and its customers, it didn’t take long for their setup to be exploited. Aside from standard WEP-crack apps, several pieces of software became available on the web to instantly crack the protection on these routers. Within seconds, the software allows anyone to access an Eircom customer’s connection without permission.
All it takes is to run a simple scan for wireless networks in the area, select one of the available Eircom routers (they are easily spotted) and enter the discovered SSID into the software. The applications instantly return the router’s WEP key. In just moments, anyone within wireless range can be abusing the connection by doing, well, just about anything.
Eircom knows about the exploit and claimed to have sent letters out to every subscriber with an affected router, telling them to change their keys and/or SSID. Of course, out of those potential 250,000 subscribers, there were a huge number who had absolutely no idea what Eircom were talking about, while others did but took no action. The end result is that there are thousands of Eircom customers who are still exposed to the problem of other people doing stuff on their line that they know nothing about.
Reader Sean Byrne, who lives in Ireland, told TorrentFreak, “There are lots and lots of existing WiFi signals that are open to this exploit. I’m located in Galway city, there are several ‘Eircom*** ***’ SSID’d networks located in the city that are open to this.”
Even now, 18 months after this exploit became known, Sean explained that while traveling around the country he finds Eircom-routered networks he can easily jump onto, should he wish. “It’s like free communal WiFi on tap,” he told us, “most places you travel in Ireland will have an Eircom WiFi signal.”
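Although WEP security should be avoided if at all possible, some devices (particularly older ones) rely on it. Short of changing the WEP keys, this particular exploit can be defeated by simply changing the network’s SSID, since the cracking software works from the SSID the router broadcasts. The connection is still only protected by WEP, though, so the standard WEP-crack apps remain a threat.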
That said, we expect the same people who ignored or missed Eircom’s advisory the first time round will more than likely take the same action as they did back then – i.e. very little. In the meantime, thanks to Eircom’s deal with the music industry, anyone in this position can have their connection used by an unauthorized file-sharer, and along with that the prospect of being accused of something they haven’t done.
Equally, anyone with one of these routers could simply claim they have been the victim of a hacker and Eircom would have to believe them. I’m sure we’ll be hearing more about this situation before long.