What is Wardriving?
At first glance, the phrase ‘wardriving’ seems like something out of a video game, where your character gets into a car and drives around attacking opponents.
In fact, wardriving in the truest sense of the term is a little bit like this. But not quite.
Let’s set the scene. It’s been a difficult morning at work (you are working from home) and you decide to take a short break (because you can do that). You are having coffee and stare out of your window, seeing the world go by. You hardly notice a nondescript car cruise by.
A day or so later, you realize you have been locked out of your system. Someone else has access to it and now wants you to pay a hefty ransom to gain access. You have just been hit by a ransomware attack.
You are shocked. How this could have happened? Well, that car you hardly noticed a few days ago was the problem. Your home Wi-Fi was in the crosshairs of a wardriving attack.
Let’s take a look at this in detail.
Wardriving – what is it all about?
Matthew Broderick starred in a movie called War Games back in 1983. At one point in the movie, he uses a computer to dial multiple phone numbers to identify a working modem. This was called wardialing, and wardriving is essentially seen as an evolution of this process.
Let’s go a little deeper on the origins of wardriving.
Also known as access point mapping, the objective behind wardriving is to identify vulnerable Wi-Fi networks that can be easily exploited. Wardriving has been around for a long time. Computer security researcher and consultant Pete Shipley coined the term wardriving way back in 1999. Since then, there has been a dramatic increase in the use of wireless networks, meaning wardriving as an attack technique has come into its own and also become quite popular.
Wardriving – the process
Wardriving involves a hacker (ethical or otherwise) going around in a car searching for wireless networks with systemic weaknesses that can be exploited. A war driver will press specific hardware and software into service to zero in on Wi-Fi signals in a particular location. The objectives of different criminals will be different, while some will be satisfied with a single vulnerable network, others might want to find all wireless networks with vulnerabilities in a certain area.
Traditionally, wardriving isn’t categorized as an unethical practice. The wardriving data can be uploaded to certain websites which will then process this data to build a digital map of the networks in a neighborhood. Interested parties can then legally used this data for a range of purposes.
Ethical hackers use wardriving to evaluate the security posture of a network and find vulnerabilities.
Things can take a wrong turn
Unfortunately, we are not living in an ideal world. There are cybercriminals out there who use wardriving for the express purpose of getting into unsecured networks and stealing personal information, as well as launch a myriad of other advanced attacks such as ransomware attacks and more.
With remote work becoming a necessity, home wireless networks are seen as an easy way to gain unauthorized access into home and office computers. The question is: do you make it easy for hackers to access your systems by doing nothing about this threat, or make it difficult for them? It’s a no-brainer. You must take the necessary steps to prevent unethical ‘wardrivers’ from gaining access to your network.
Right off the bat, these are just some of the things you can do to protect your network/system from a wardriving attack:
- When not in use turn, off your wireless network. Also, turn it off when you are not at home.
- Make sure you change the router password regularly and follow password hygiene.
- If possible, make sure that router access is limited to people who know the password.
- There is no beating the power of patches to ensure the latest software security.
It is imperative that you have some awareness about wardriving and its place in the threat landscape. Awareness can help you take actions that will keep your wireless network safe.
An antivirus is an absolute must
Sophos Home is an antivirus solution that not only covers the security basics but goes much beyond to ensure business-grade security for your home computers. From antivirus and malicious URL blocking to anti-phishing, ransomware protection, and real-time threat prevention and more, Sophos Home brings immense security value to the table.
The key to a strong cybersecurity posture is not underestimating the sophistication of threats that are out there and taking preventive action. You’ll be able to handle security incidents better because you have planned for them .