Wardriving in cyber security is the act of looking for publicly accessible Wi-Fi networks, usually from a moving vehicle, using a laptop or smartphone. The software used for wardriving is freely available on the internet.
Wardrivers use hardware and software to find Wi-Fi signals in a particular area. Often, their objective is to identify vulnerable Wi-Fi networks that they can exploit. From moving vehicles (the ‘driving’ part of wardriving), they attempt to locate vulnerable networks for later potential use in attacks (the ‘war’ part of wardriving). Once found, wardrivers may submit the information to third-party websites and apps to create digital maps.
While the premise behind wardriving derives from the 1983 film WarGames, the word itself was coined by a computer security researcher named Pete Shipley. In 2000, he was able to author scripts to interface with his GPS to automate the process that became known as wardriving. The scripts he developed were able to read the coordinate information on the GPS device and enabled him to plot Wi-Fi access points on a map. This capability removed the need to write down one’s physical location while driving when seeking out unsecured wireless access points. At the time, Shipley discovered that only 15% of the Wi-Fi networks in the areas he surveyed were protected by encryption.
How does it work?
Wardrivers use a mix of software and hardware to carry out their aims. This typically includes:
- A mobile device – such as a smartphone, laptop, or tablet.
- Wireless network card and wardriving antenna – some wardrivers use their phone’s built-in antenna, while others use a wireless network card or antenna to improve scanning capabilities.
- Wardriving software – this allows wardrivers to bypass network security. Popular choices include KisMAC, Aircrack, Cain & Able, CoWPAtty, iStumbler, InSSIDer, and WiFiphisher.
- GPS, either from a smartphone or standalone device – without this, wardrivers won’t be able to pinpoint the location of the vulnerable network.
Is wardriving illegal?
No, there are no laws that prohibit people from gathering or collecting data from wireless networks or creating computer-generated maps. That said, wardriving can be illegal when it involves exploiting insecure networks to access private information.
Wardriving isn’t always consider unethical. The wardriving data can be share on some resources or website. Which could develop digital maps of networks of a certain area. It could be compared to making a map of a street’s house numbers for mailbox labels. Interested parties can then legally use this data for a range of purposes. However, because attackers can use this information for unethical purposes, this is a grey area when it comes to privacy.
How to prevent wardriving attacks on your network
Some of the network security practices you can follow to minimize the risk of a wardriving attack include:
Turn off your Wi-Fi network when not in use
When nobody is home or using your Wi-Fi router, turn it off. This will prevent the network from being access by hackers.
Change your router’s default factory password
Wi-Fi router manufacturers typically assign a standard username and password to help users quickly set up and configure the device. These default credentials may be known to hackers. So changing the login to a unique name and password combination is important.
Use multi-factor authentication
Multi-factor authentication is when two or more steps are require to log into a system. You may combine a password requirement with a code sent to your mobile phone that you need to enter to proceed. This provides an added layer of security between hackers and your information.
Choose the highest network security protocol possible. This means using a router with up-to-date, secure encryption like Wi-Fi Protected Access 2 (WPA2) or WPA3 and allowing router access by passwords only.
Add a guest network
Set up a guest Wi-Fi network for visitors and smart technologies that connect to the internet to limit the access of less secure devices.
Install a firewall
Firewalls are essential in protecting networks because they monitor access requests and block any activity from unapproved sources. Use firewalls to add an extra layer of security to your standard Wi-Fi setup.