Wardriving - The Terminology
It’s the term used for the act of hunting down a public WiFi by someone who is moving or traveling with the help of a data-driven device.
As it involves finding an internet access point, many refer to it as Access Point Mapping. Those who are involved in this act are known as wardrivers. Generally, they are hackers, initiating this act in search of stealing data from WiFi users.
Basically, Access Point Mapping is what we use in technical terms while wardriving is used in layman language.
Wardriving in action
The process, when adopted in real-life, involved using a data-driven device, software/hardware to spot vulnerable WiFi connections in a specific location, and roaming around.
Once the threat actor finds a weak WiFi connection, s/he starts recording the location of that connection on a digital map. Based upon the intentions of the hacker, the collected location details can be forwarded to other resources like 3rd party websites or clients.
Now, the name ‘wardriving’ changes as per the kind of vehicle used for roaming. For instance, it becomes war-biking when a hacker uses a bike and war-cycling when a cycle is used for roaming. However, the core process remains the same.
The act of wardriving was first illustrated in the WarGames movie.
What is wardriving in cybersecurity?
In the digital domain, a wardriving attack aims at taking over a WiFi network and exploit its data for ill purposes. Hackers plan it for capturing the public/private data of a particular area and use it for unauthorized purposes. Depending upon the intentions of the wardriver, it could also include injecting malicious code or software on a WiFi-enabled network.
Software necessary for wargaming
The success of a wardriving attack depends upon the wardrive skills and the kind of tools used. While we can’t help you judge the wardriver’s expertise, we can certainly tell you which software is required to get the job done.
- Software suite
A wardriving software suite is extensive and includes tools/software like a traffic analyzer, packet sniffers, aids to start a network-attack or participate in it, signal-strength testers, and so on. All these tools are required to decode and break the traffic and are mostly compatible with both mobile and laptops.
- Wardriving Antenna
This is indeed the most important software for carrying out a wardriving attack as it helps the hacker to detect the WiFi networks. Most of the WiFi networks run at 2.4GH frequency and are discoverable easily by an adept wardriving antenna. Various varieties of the antenna are present for the same.
- Bluetooth Connectivity
As WiFi and Bluetooth run on the same radio frequency, it’s easy to use Bluetooth to seize the data transferred on an insecure network.
- Raspberry Pi
Raspberry Pi is useful for wardriving attacks because it helps a hacker to link to any nearby GPS device and hunt an area for any vulnerable WiFi connection.
The legality of wargaming
Before you get into the act of wardriving, directly or indirectly, you need to understand the legality of this act. In terms of law, it’s hard to tell whether wardriving is legal or not as there is no such law that will stop people from accessing WiFi networks.
In fact, public WiFi is designed with the purpose of providing connectivity to the mass. So, connecting to the WiFi isn’t illegal. However, gathering or accessing someone else’s information is an unlawful act.
If you’re wardriving and using the network just to browse or download normal content, there is nothing to worry about. But, if you’re using wardriving to steal crucial or sensitive information and using it for ill purposes, then you’re breaking the law.
Now, again we have something to reconsider for accessing data using wardriving. If you’re gathering data that will add value to the public data, you’re not committing a crime. A common example of this is creating digital maps of networks.
The Google Street View and Google Navigate feature that we use is possible because of wardriving only. So, the legality of wardriving is based on what kind of data you’re accessing and how you’re using it.
How do you prevent wardriving?
The technique seems beneficial for hackers. But, for the target, it’s a nuisance that must be tackled or fixed as early as possible. Here are some of the key wardriving prevention techniques that everyone must try to avoid the wardriving attack.
- Don’t keep your router On always. Switch it off when you’re not using a WiFi connection. Keeping the connection On always increases resource consumption and war-driving attack possibilities. So, try to make sure you’re not keeping it On unnecessarily.
- Don’t use the vendor-offered router password as it’s a very easy-to-guess password like 1010 or 2020. Hackers will have no hard time guessing the passwords. It will increase your danger. So, make sure you change the default passwords instantly.
- Enforce 2FA or MFA for the WiFi login. This login approach applies two more login processes to access the WiFi connection.
- Hackers have to do double hard work to decode all the login details. One even drops the idea of hacking the network when so many steps are involved.
- Try to use premium-quality encryption. WPA2 or WPA3 is the best encryption for your router.
- Apply access limits for a WiFi connection. Don’t allow ‘Unlimited devices’ for your WiFi connection. Analyze how many users you have and permit only that many devices.
- A firewall is a highly effective tool for WiFi connection protection. With its help, you can prevent any unwanted or unauthorized admittance to your network.
- Check whether or not SSID is activated. When activated, this feature will allow others to find out about our connection and get connected. This isn’t a good thing for your device and WiFi connection.
- Make sure you have the latest and updated versions of software/OS/tools at your service. With each version update, you receive security patches that will increase your security standing.
With these tips and suggestions, it’s easy to mitigate the wardriving risks and enjoy safe access to the WiFi network.