Was terrorist email sent from home user’s unsecured wi-fi?

Anyone who has been following the international news in the last week or so, will be aware of the horrendous bombings that have taken place in India.

Seven bombs exploded in Bangalore on Friday 25 July – a southern Indian city well known to many in the IT industry because so many well-known technology firms have located some of their operations or out-sourced services there.

The following day, a series of bomb blasts rocked the city of Ahmedabad. You may have seen the TV pictures of some of the carnage, including a blown-up bus. Tragically, scores of people have died as a result of this terrible action.

A number of TV news stations received an email five minutes before the first blasts in Ahmedabad, claiming responsibility for the imminent attacks. In the email a group called the Indian Mujahideen hinted at more attacks to come.

Sign up to our free newsletter.
Security news, advice, and tips.

HP Singh, the joint police commissioner in Ahmedabad confirmed to the media that the email was sent from an IP address located in Mumbai (formerly known as Bombay).

And now you can see why I’m talking about this on my blog. If the police can work out where in the world the email came from, maybe they can find the bombers, right? Well, maybe..

Last week, Kenneth Haywood, a US expat living in Mumbai, was questioned by anti-terror squad officials after it was determined that the email’s IP address pointed towards him. Police seized his three computers, and several belonging to his neighbours, in an attempt to confirm who had sent the message to the news agencies.

According to the Times of India, computer forensics experts appear to be admitting that they have reached a dead end in their hunt for the originators of the email. Although Haywood’s IP address was used, his computer and that of his immediate neighbours appear to carry no clues that the email was sent by them.

Most tellingly, it was found that Haywood’s wi-fi internet access was not secure. In other words, it was not protected with passwords – meaning that anybody in the vicinity or passing close by, could hop on board with a laptop or other wireless device and send a message via his internet connection.

We’ve talked before on the Sophos website about the importance of securing your wireless internet access in order to stop strangers abusing it. Criminals using your internet connection to send pornographic spam, or download illegal materials, or gobbling up your bandwidth, is serious enough.. but this takes things to a while new level.

This case may be extreme and unusual, but it underlines the importance of ensuring that your wi-fi connection is properly secured, and cannot be used by strangers.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.