Uncloaked Wireless SSID As A Target Identifier
Against Unique Ethnic Communities
by Shelomo Alfassa,
Virsig's Director of Communications
Published April 7, 2016 in the "Critical Issues In National Cybersecurity" section.
CYBERCOM is a department that focuses on critical issues and trends in national cybersecurity and related cyber issues. Contributors share their knowledge and expertise regarding the newest, most creative and innovative means to solve urgent cyber and information network security issues.
Over the last several decades, certain groups have fallen victim to crimes and terrorism after being singled out because of their ethnicity and/or religion. The targeting of a specific group of people can be done in several different ways; one of these is identifying a target population based upon its unique set of surnames. Certain populations have either “traditional” or “like” names which are chiefly found among distinct populations. Lists of these names are freely available on the Internet from sources as common as Wikipedia.
As an example, the Armenian community in America has many surnames ending in the suffix -ian, -yan, or -jan, endings transliterated from the original patronymic names. And while these suffixes don’t necessarily guarantee that a name is Armenian, when one is identified in a well-established small Armenian neighborhood such as in Glendale (Los Angeles), more than likely it’s a name reflecting an Armenian family. The same can be established for other concentrated ethnic communities in America whose members share surnames of like origin, such as the Vietnamese in “Little Saigon,” Westminster, California; the Chinese of Honolulu, Hawaii; the Haitians of Miami, Florida; or the Iranians (Persians) of Los Angeles, California (a notable portion of whom are Jewish).
Speaking of Jews in America, there is a unique minority within a minority that exists among the large Jewish community residing in the borough of Brooklyn, New York. It is made up of descendants of Jews who came to America from Syria in the 20th century. The Syrian Jewish community of New York City lives within tight geographic urban borders. While there are several hundred different surnames which belong to the Syrian Jews, about 100 are most prevalent. While many of these surnames are common among all those who stem from Syria—Muslims, Christians and Jews—some are unique to the former Jewish residents of that country.
In being alert and prepared against a physical attack, it’s not unusual for New York City, a population center with the largest Jewish community in the Western Hemisphere, to have frequent police-issued bulletins and certain days (mostly religious holidays) when vigilance is at its highest. But in our contemporary society, an offensive attack may be not so much physical as cyber-borne.
In the days immediately after the attacks of September 11, 2001, few would have imagined the incredible monetary damage that would affect America and the world. According to a study by The New York Times, between physical damage, economic impact and directly related homeland security costs, the 9/11 attacks cost US taxpayers some $767 billion.
Wireless routers emerge from the factory with a random string of letters and numbers to identify them. This is the router’s Service Set Identifier, or SSID. In this case (and for unknown reasons), the purchasers chose to replace the random alphanumeric SSID with their own family’s surname. Using a smartphone application which gathers and stores SSIDs, the unique SSIDs of local home and small business network routers were collected in a section of Brooklyn, NY. These were collected from uncloaked (aka openly named) devices, and the collected data included numerous routers identified with Syrian Jewish family surnames, displayed on a Google Maps overlay with associated GPS locations.
While the availability of these surnames themselves would not typically be a vulnerability, the worldwide availability of a group of highly identifiable unique surnames, combined with the ease of obtaining geographic locations associated with them on Google Maps, can certainly be exploited for unscrupulous purposes by persons with malicious intent for preoperational planning. This is concerning from a security standpoint because one need not be in the local area to gather surnames or identify families; this information is openly available on the Internet and can be easily exploited by anyone across the world.
Education of the public is important to keep this security concern from continuing. An immediate solution is to remove the family surname identifiers and change the SSID back to a random alphanumeric string like the one the router originally came with. These simple steps may keep individuals and community members from becoming targets of malicious actors.
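The mitigation above, sketched as a self-check a household or small business can run on its own network name. This is an added example, not part of the original article: the function names, the 12-character default length and the sample SSIDs and terms are assumptions, and the sample values are constructed placeholders. The 32-octet limit is the SSID maximum in IEEE 802.11.

```python
import secrets
import string
import unicodedata

MAX_SSID_OCTETS = 32  # IEEE 802.11 limits an SSID to 32 octets


def _normalize(text):
    """Case-fold, strip accents and keep only ASCII letters and digits."""
    decomposed = unicodedata.normalize("NFKD", text)
    return "".join(c for c in decomposed.casefold() if c.isascii() and c.isalnum())


def identifying_terms_in_ssid(ssid, household_terms, min_len=3):
    """Return the owner's own identifying terms (surname, street name,
    business name) that are visible inside the broadcast SSID."""
    flat = _normalize(ssid)
    hits = []
    for term in household_terms:
        key = _normalize(term)
        # Very short keys are skipped: they match random strings by chance.
        if len(key) >= min_len and key in flat:
            hits.append(term)
    return hits


def random_ssid(length=12):
    """Generate a replacement SSID that carries no personal information."""
    if not 1 <= length <= MAX_SSID_OCTETS:
        raise ValueError("SSID length must be between 1 and 32 octets")
    alphabet = string.ascii_uppercase + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


def review_ssid(ssid, household_terms):
    """Check one SSID and suggest a random replacement if it leaks a term."""
    hits = identifying_terms_in_ssid(ssid, household_terms)
    return {
        "ssid": ssid,
        "identifying_terms": hits,
        "suggested_ssid": random_ssid() if hits else None,
    }


if __name__ == "__main__":
    # Constructed sample data: a placeholder surname and street name.
    own_terms = ["Exampleson", "Maple"]
    for name in ["The-Exampleson-Family_5G", "X7QK2M9PLD4T"]:
        print(review_ssid(name, own_terms))
```

The terms are supplied by the owner and never leave the machine; the check only answers whether the name the router broadcasts would reveal them to a passer-by.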
Shelomo Alfassa is Director of Communications for Virsig, LLC. He is a US Maritime Agency certified Facilities Security Officer with 25 years of Public Safety experience, including being a former Deputy Commander for the US Public Health Service / National Medical Response Team for Weapons of Mass Destruction. He serves his community in New York City with the Department of Homeland Security/US Coast Guard Auxiliary.