Project Title

APEC Workshop on Promoting Secured Public Wi-Fi Usage based on Malaysia's Experiment: Phase 2 

Project Year

2016   

Project Number

TEL 02 2016S 

Project Session

   

Project Type

Self-Funded 

Project Status

Completed Project   
View Budget TableView Budget Table
|
PrintPrint

Project No.

TEL 02 2016S 

Project Title

APEC Workshop on Promoting Secured Public Wi-Fi Usage based on Malaysia's Experiment: Phase 2 

Project Status

Completed Project 

Fund Account

Self-Funded 

Project Year

2016 

Sponsoring Forum

Telecommunications and Information Working Group (TELWG) 

Topics

Telecommunications and Information 

Committee

SOM Steering Committee on Economic and Technical Cooperation (SCE) 

Other Fora Involved

 

Other Non-APEC Stakeholders Involved

 

Proposing Economy(ies)

Malaysia 

Co-Sponsoring Economies

 

Expected Start Date

29/10/2016 

Expected Completion Date

02/11/2016 

Project Proponent Name 1

Idi Baharom 

Job Title 1

Deputy Director, Network Surveillance Department 

Organization 1

Malaysian Communications and Multimedia Commission 

Postal Address 1

MCMC Tower 1, Jalan Impact, Cyber 6, 63000, Cyberjaya, Selangor, Malaysia 

Telephone 1

60-1 96000137 

Fax 1

Not Applicable 

Email 1

idi.baharom@cmc.gov.my 

Project Proponent Name 2

Not Applicable 

Job Title 2

Not Applicable 

Organization 2

Not Applicable 

Postal Address 2

Not Applicable 

Telephone 2

Not Applicable 

Fax 2

Not Applicable 

Email 2

Not Applicable 

Declaration

Idi Baharom 

Project Cost (US$)

$0.00 

Project Summary

Background and Project Description
In August 2015, the Malaysian Communications and Multimedia Commission (MCMC) had collaborated with F-Secure Corporation to conduct an investigation on the security of access to a wireless network (Wi-Fi). F-Secure had carried out the same experiment in London in 2014, in collaboration with EU’s Law Enforcement Agency, the European Police Office (Europol). Their objective was to raise public awareness on the security of using Wi-Fi across Europe.

During the previous experiment, MCMC undertook to configure a bogus public Wi-Fi hotspot to lure unsuspecting users to make use of the service. Those utilizing the hotspot had their information recorded for analysis. Malaysia identified high-traffic public venues in the Klang Valley area for the experiment, specifically at the KL Sentral, Suria KLCC and MidValley Shopping Center.

The experiment showed that there was a 58% possibility in Kuala Lumpur that a hacker could gain personal information by just setting up a bogus public Wi-Fi hotspot. This proves that there is a critical need for public education and awareness on the security of usage of public Wi-Fi in Malaysia. The finding was presented and discussed during TEL53.

The workshop was supported by Thailand and the Philippines, and has been included as one of the deliverables by Malaysia in the APEC TELWG 2016 Work Plan.

Malaysia took note of the interests of a number of economies on our wireless security project. In response to a request by Japan during TEL53, who is preparing for the Tokyo Olympics in 2020, Malaysia has decided to conduct Phase 2 of the project in TEL54 to expand the reach of our experiment in Japan.

Similar experiments will be conducted in expanded areas in Malaysia, and [Osaka and] Kyoto before the commencement of TEL54 with the assistance from the Ministry of Internal Affairs and Communications, Japan (MIC).

The information collected from the experiment will be analyzed for reporting purposes. Malaysia confirms that there will be no actual data in transit to be recorded and kept.

Objectives
Consistent with Priority Area 5.2 of the APEC TEL Strategic Action Plan 2010-2015, i.e. promotion of a secure, resilient and trusted ICT environment, this project aims to share the following objectives with the APEC member economies on wireless security issues:

I) To raise awareness on the danger of devices connected to an open/public Wi-Fi. This will educate users to value their privacy and security when going online via public Wi-Fi connections;

ii) To get an overview of users’ behaviours when using or accepting an untrusted public Wi-Fi connections;

iii) To get an insight on how attackers make use of the tools, which are publicly available for malicious purposes to gain access to users’ private credentials; and

iv) Wherever applicable, to share the findings during cybersecurity trainings with various law enforcement agencies on wireless security issues.

Planned Activities
The primary work of this project is divided into two-fold:

1) to conduct wardriving exercises around identified areas in Malaysia and Japan. Malaysia will deploy the Wardriving Technique, a method used to search open Wi-Fi networks while moving in a vehicle in predetermined locations, using a portable computer, smartphone or personal digital assistant (PDA). This exercise, which will take no longer than 60 minutes, will make use of the combination of hardware and software to demonstrate how unsuspecting mobile phone users are attracted to use open Wi-Fi hotspots indiscriminately to access the Internet; and

2) to present and share the analysis/ findings of the experiment at TEL54. Parties relevant to/ interested in wireless security issues such as policy makers, regulatory bodies and related business operators are invited to share views on the findings and similar issues experienced in home economies.

Timelines
- Wardriving exercises pre-TEL54 in Malaysia and selected area(s) in Japan; and

- A half-day workshop for presentation and information sharing during TEL54 on 2 November 2016 (Wednesday).

Are there any supporting document attached?

No 
Attachments
Version: 2.0 
Created at 14/02/2017 17:38  by Lucy Phua 
Last modified at 14/02/2017 17:42  by Lucy Phua 
Version HistoryVersion History

Project No.

Project Title

Project Status

Fund Account

Project Year

Sponsoring Forum

Topics

Committee

Other Fora Involved

Other Non-APEC Stakeholders Involved

Proposing Economy(ies)

Co-Sponsoring Economies

Expected Start Date

Expected Completion Date

Project Proponent Name 1

Job Title 1

Organization 1

Postal Address 1

Telephone 1

Fax 1

Email 1

Project Proponent Name 2

Job Title 2

Organization 2

Postal Address 2

Telephone 2

Fax 2

Email 2

Declaration

Project Cost (US$)

Project Summary

Are there any supporting document attached?

hdFldAdmin

Project Number

Sub-fund

Previous Fora

Secretariat Comments

Endorsement By Fora

PD Sign Off

Monitoring Report Received

Completion Report Received

PMU Field 1

PMU Field 2

PMU Field 3

On Behalf Of

Proposal Status

Originating Sub-Forum

Approval Status
Attachments
Content Type: Self-Funded Proposal
Version:
Created at by
Last modified at by
Go Search