Menu
 Home
 Local News    
 Global News
 Technical & Product News
 Opinions
 Contact Us
 Subscribe/Unsubscribe
 
 Publications
 ICT World
 Cable Talk
 Computing S.A.
 Network World
 The Channel
 IT users handbook
 
 Sponsors
 ICT World Company Directory
 
 Partners
 CareerJunction
 Johnnic Mag Division
 
 Privacy Policy
 Privacy Policy
 
   
   

Drive-by hacking problem growing

Date: 15 October 2004
Issue: One Hundred and Ten (11/10/04-15/10/04)
(ICT World)
The ability to connect to someone else's wireless network is proving just too tempting for a growing number of 'wireless network enthusiasts', to the point that it is becoming a sport known as 'War driving' or 'Drive-by hacking'. IS Digital Networks MD, Barry Cribb, says via wireless, a drive-by hacker can plant a virus or Trojan horse application onto a network, and, even more concerning, use that network to attack other organisations.

He believes the problem is about to escalate because of the explosion of software that is now freely available to hackers. The risk is immense, he states. Drive-by hackers are now able to simply drive by any company running an unsecured wireless network and crack user logon names and passwords. This enables them to break into computer systems, access customer databases or company records, monitor credit card transactions, capture credit card details and gain access to, or modify, information and personal data, he adds.

He says hackers can break into a network by simply installing a wireless network card on their notebook, and make a simple antenna using a cardboard tube. The hacker will then park outside the office and use freely available software to discover the access points inside the building. They simply link to an access point and become a user on the network.

From here the hacker can enjoy free Internet access, use the network as if they were sitting at one of the PCs, browse other computers on the network, steal or modify data, intercept e-mail, send bulk spam e-mails with the companys network identity as the source, and attack other organisations with that companys network identity as the origin of the attack.

Even with all standard wireless LAN security features enabled, the hacker can crack Web encryption keys, sniff network packets, and, with a free password cracker, discover user names and passwords. All these applications are freely downloadable from the Internet in minutes.

Using a wireless-enabled laptop, almost anyone can gain full access to user accounts, passwords, and corporate data, including confidential records. The growth of wireless is excellent, says Cribb. It provides flexibility and functionality. But companies implementing wireless networks must be made fully aware of the huge risks as a result of powerful software now becoming available and unscrupulous people who will hack networks just for the fun.