Tuesday, September 2, 2008

WiFi networks face wardrivers’ attack

Almost 90% Of Such Systems Aren’t Protected

New Delhi: If you work on an unsecured wireless internet network, beware. Someone right now could be moving around in the city looking for open WiFi spots for sending anonymous terror emails or accessing confidential information with almost no risk of being caught. Welcome to the dark world of wardriving.

A wardriver is a person who moves around in a vehicle with a laptop, or a PDA like an iPhone or BlackBerry, running software that detects WiFi networks. If an unscrupulous wardriver finds an ‘open’ network, one that is not password-protected, he could use it for a range of nefarious activities.

The ‘Indian Mujahideen’ terror emails sent from the WiFi connections of an American in Navi Mumbai and Mumbai’s Khalsa College are recent examples of such misuse. These networks can also be used for identity thefts and corporate espionage.

Software for wardriving is freely available on the internet or even pre-installed in the device itself. Unless caught in the act, it’s virtually impossible to trace a wardriver. The wireless network can be accessed from within a 25-30m radius of the point of installation. The malicious user can then piggyback on the network to send emails or access websites using the owner’s IP address, which when traced back leads to the owner of the network.

Says Sumit Grover, a vigilante wardriver, “I discovered many unprotected networks and observed their misuse. Over the past year, I have tried to alert the ISPs responsible for those connections, the Computer Emergency Response Team (CERT) that is responsible for analyzing threats to computers and networks in India, Trai, the ISPAI (Internet Service Providers Association of India) and even the ministry of information technology. Nobody took any notice. This was followed by a spate of malicious terror attacks.”

Such attacks are increasing with the rapid rise of wireless networks as laptop and broadband prices fall. The WiFi Alliance has estimated the WiFi market to be worth over $270 million and expects it to touch $900 million by 2011-12. Almost 90% or more of these networks aren’t password-protected.

The month of August saw a surge in such activity. Terror emails linked to July’s bomb blasts in Ahmedabad were traced to American national Kenneth Haywood’s unsecured WiFi network. Another terror email sent in the name of Indian Mujahideen was traced to a computer in Mumbai’s Khalsa College.

During the past year, hackers stole the personal data, worth an estimated $5 billion, of up to eight million guests at over 4,000 hotels in 80 countries belonging to the Best Western hotel consortium alone. The data was sold via an underground network operated by the Russian mafia.

What’s most shocking is that this is surprisingly easy to do. Open wireless networks can be easily accessed without any authentication and without attracting the notice of the actual owner of the network. This is very different from hacking, which does not require physical proximity to the target network/computer. Cracking into protected networks, whether wireless or others, is a far more tedious process and can eventually be traced back to the hacker, while in the case of an unprotected wireless network, the intruder is virtually anonymous.


Wardriving means searching for wireless net connections while moving around in a vehicle with a laptop or PDA that has software to detect such networks

These unprotected WiFi networks can be used for sending terror emails, accessing confidential information or corporate snooping

Since someone else’s internet protocol (IP) address is used, there’s no way of zeroing in on a wardriver
