Waking Up to Warjacking

By Susan Kuchinskas

July 21, 2005

It's a scammy world, and consumer Wi-Fi connections could be the next security pain point.

Have you ever hopped onto a stranger's unsecured Wi-Fi connection? If so, you're not alone.

According to Jupiter Research, 14 percent of Wi-Fi consumers have logged onto a neighbor's network in the last year.

Leeching off a neighbor's wireless connection seems pretty harmless. But it gets ugly when the leech uses that connection for activities that are illegal and/or reprehensible.

For example, in June 2004, two men plead guilty of hacking into Lowe's computer system through an unsecured Wi-Fi connection at one of its Detroit stores. The two men cracked Lowe's computers in six states and altered the home improvement retailer's sales system in order to steal credit card numbers.

Earlier this month, a Florida man was charged with the felony offense of unauthorized network access for sitting in a parked car so he could mooch someone's home Wi-Fi. Authorities didn't say what exactly he was doing via that Internet connection.

But the unsavory possibilities include swapping pirated media files, downloading child pornography, pumping stocks or posting slanderous messages or hate speech on Internet forums, according to Tom Ohlsson, director of marketing for Roving Planet, a vendor of enterprise wireless LAN security and management software.

"You don't want your IP address associated with the activity, so why not go three or four blocks away and highjack their IP address?" Ohlsson said. "There are absolutely no digital fingerprints."

At least, there are none of the perp's. But the illegal activity could show up in the log files of the ISP as coming from the legit computer inside the house.

"Whatever folks use the Internet for will be the uses that unsecured [access points] are used for," said William Terrill, a senior analyst for Burton Group. "And, by using someone else's [access point] and Internet connection, the user gets a free ride and a certain level of 'safety' from detection." He pointed out that simply logging onto an unsecured wireless node couldn't be considered hacking.

"Two or three years ago, wardriving meant guys driving through the neighborhood looking for open networks just for their jollies or to check their e-mail," Ohlsson said. "Warjacking is a whole new ballgame: using someone else's Wi-Fi connection for really bad activity."

In a recent survey of consumers, Jupiter Research, which is owned by the same corporation that owns internetnews.com, found that 30 percent worried about others using their connections for illicit purposes. The majority of them had turned on security features of their wireless networks, with 63 percent enabling WPE. However, Jupiter analyst Ina Sebastian thought that number a bit overstated.

"Consumers may over-report security use, knowing that they should use it," she said. In the survey, 22 percent of wireless network owners and 29 percent of those who had their Wi-Fi networks for less than a year were flummoxed by the process of enabling security. Most of the newbies got Wi-Fi from their cable or DSL providers. "It's easier, and they provide tech support," she said. "Wi-Fi is moving down from the tech savvy to the mainstream."

EarthLink hasn't gotten may complaints or queries from its customers about their Wi-Fi being hijacked, according to Kevin Brand, vice president of product management.

"But whenever there's an opening, people seem to find it. Over time … people will take advantage," Brand said.

Jeb Linton, EarthLink's principal engineer, added that most of the time, consumers would have no way of knowing their bandwidth was being filched. "It would be a rare circumstance where someone had the sophistication to watch the network without the intelligence to secure it," he said.

Consumers' top concern about vulnerability of their home Wi-Fi was identity theft, Jupiter found, and experienced hackers can easily snoop the contents of a hard drive via an unsecured Wi-Fi connection.

Terrill agreed that unsecured access points are a huge potential problem. "Some recent surveys that I've seen indicate that roughly 35 percent or so of the business APs are not secured. Home users are even more lax -- plug and play doesn't come with security for wireless."

ISPs warn their customers over and over about security, and most provide Wi-Fi customers with equipment that's firewalled and uses NAT security, according to Mark Esser, owner of SuperNet, a Lomita, Calif., ISP. Neither do they use Wi-Fi for their own point-to-point connections, he said.

"Both WEP and WPA have been cracked," he said. "The open Wi-Fi nodes and hotspots have been the most troublesome. We still are finding cracks into those. ISPs who buy wireless access points and do a little service for the neighborhood, they're nailed all the time."

As a board member of the California Internet Service Providers Association, Esser works with federal investigators, and he said it's common for scammers to steal proprietary data, such as city tax records, by exploiting Wi-Fi vulnerabilities.

Many ISPs make it clear that they won't be responsible if their customers aren't.

Paul Blankenship, manager of Solano Computer Resource, said, "I inform the user that it will be a secure network. I give them their settings and so forth. On the customer's bill, we have the text, 'Wireless network set up with security measures and encryption. Any changes to SCR settings are made at user's own risk.'" Customers must sign a copy.

If a customer for some reason opts out of the security settings, that also is noted and the customers' bills include the disclaimer, "User requested unsecured network. SCR can not be held responsible for unauthorized access or damaged done by unauthorized access to the network."

The stakes are higher for the enterprise. Hackers access confidential information through an unsecured Wi-Fi connection, such as medical records, leaving the company vulnerable to violations of federal laws such as HIPPA or, in the case of schools, the Child Internet Protection Act.

There could be a liability even if someone outside the school property used its Wi-Fi connection to download obscene material, said Ohlsson. Roving Planet's software lets administrators set policies that determine not only who can access the network, but also when, where and why, he said.

For example, a school could set a policy so that a sixth-grade teacher could access the network only from within the classroom, only during school hours and only to work with the class materials and records of his students.

In a survey last year, Jupiter found 16 percent of enterprises with wireless LANs had experienced security breaches that they knew of. Security is the number one concern of companies overall, according to Jupiter, and security breaches are the biggest barriers to enterprise deployment of Wi-Fi networks.

"Wireless is probably one of the greatest things we've come up with in the last 50 years in terms of the freedom it gives," SuperNet's Esser said. "But it does have some holes in it."

Comment and Contribute
(Maximum characters: 1200). You have
characters left.