The origins of wardriving can be traced back to the hacking done by Matthew Broderick in the film “WarGames.” In the movie, he dialed every phone number in the area in order to find all existing computers. In 2001, that process evolved into access point mapping or wardriving, which involves finding vulnerable WiFi networks to exploit. While there are no specific laws about wardriving, the data procured can be used to exploit unsecured networks, which becomes a grey area of protecting personal privacy.
What Is Wardriving?
Wardriving consists of physically searching for wireless networks with vulnerabilities from a moving vehicle and mapping the wireless access points.
Wardrivers will use hardware and software to find WiFi signals in a particular area. They may intend to only find a single network or every network within an area. Once networks are located, wardrivers will record the locations of vulnerable networks and may submit the information to third-party websites and apps to create digital maps.
There are three primary reasons wardrivers look for unsecured WiFi. The first is to steal personal and banking information. The second is to use your network for criminal activity that you, as the owner of the network, would be liable for. The final reason is to find the security flaws of a network. Ethical hackers do this via wardriving for the purpose of finding vulnerabilities in order to improve overall security.
Software Used for Wardriving
Wardriving on a small scale can be done with a simple app on a smartphone. Larger attacks, however, usually require an entire rig with software and hardware specifically designed for the attack. The rig includes:
- Wardriving software or app: Popular wardriving programs include iStumbler, KisMAC, CoWPAtty, InSSIDer, WiGLE, NetStumbler, WiFi-Where, and WiFiphisher.
- GPS: A GPS, whether from a smartphone or standalone device, helps wardrivers log the location of wireless acccess points.
- Wireless network card and antenna: While some wardrivers use their phone’s built-in antenna, some will use a wireless network card or antenna to improve scanning capabilities.
- Smartphone or Laptop: May be used to run access point mapping software.
How To Prevent Wardriving
Wardrivers typically engage in this type of hacking with criminal intent. While some wardriving practices are harmless, there’s also the potential for hackers to utilize your network to commit online crimes with the connection registered to you or steal personal data with the purpose of exploitation. In either case, it’s best practice to protect your WiFi network from these types of breaches.
- Enable Encryption: Choose the highest network security protocol when opting for WEP, WPA, and WPA2 and never leave your network open or without a security protocol.
- Update the Password: Change the default password on your router and use multi-factor authentication when available.
- Add a Guest Network: Set up a guest WiFi network for visitors and smart technologies that connect to the internet to limit the access of those less-secure devices.
- Use a Firewall: Firewalls block unapproved communication and any attempts to access your system.
- Update Your Devices: Always install updates to ensure the most up-to-date patches and security on your hardware and software.
While wardriving is less common today than it was in 2001, the problem persists. Although ethical hackers use the process to find network vulnerabilities, there is still the possibility for the more dangerous alternative—those trying to exploit weaknesses to extract data or perform illegal activities. Always protect your devices using responsible digital habits and the privacy of VPN software.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
