Wardriving: A digital census of Wi-Fi networks?

下一個故事

BY LUCAS PAUS PUBLISHED JAN 6, 2017 – 03:32 PM

AWARENESS


One of the most interesting events I attended in 2016 was the 12th Ekoparty: “Hold  the Backdoor”, a security conference that we covered on WeLiveSecurity. On day two, there was a new seminar on wardriving, which ended with a walk through some of the main streets of Buenos Aires, during which more than 30 participants surveyed the security of the wireless networks as they passed by.

If the term “wardriving” is not familiar to you, I'll tell you what it relates to: It describes the practice of searching for Wi-Fi networks from a moving vehicle. So what is its purpose? It is mostly to survey the various wireless connections available, correlating them with their geographic location.

In this article, I will show you two ways in which you can try out these techniques and, finally, we will look at the results.

#1 The old-school method

For the first method, we recommend using a laptop, a virtual machine, a GPS, and an external Wi-Fi card. As we can see in the image to the right, both peripherals can be connected to a laptop via a USB port, making them more portable.


The most common tools are Airmon-ng and Kismet, whose instructions for correct use can be found in its official repository. In the next image, you can see how this tool looks in action:


#2 Using a smartphone

Nowadays, there are various apps that are very handy for performing wardriving techniques; one of them is WiGLE. One of its advantages is that, as well as being able to generate your own survey, it provides access to the many other users of its community who share their results, thus giving you a more extensive overview.

This app is free and does not require root permissions in order to run it. If you are interested in using it, as always, we recommend downloading it from official repositories.



One interesting feature is its automatic integration with Google Maps and Street View, which is a very visual way to see network density by the looking at the area you're interested in. As you would imagine, this is the simplest way to perform these techniques.


Knowing how secure networks are

So now we have the results, but how do we interpret them? Behind every Wi-Fi network there is a security level which normally corresponds to security protocols like WEP, WPA, and WPA2. Of course, the less secure ones are those which do not have any kind of protocol, described as open networks.


These days, many public buildings and spaces like airports, malls, and restaurants offer free Wi-Fi, which you can connect to without needing to enter a password. However, this means that communications over them are not encrypted and could easily be spied on and even modified for malicious purposes. For this reason, we do not recommend using this type of network, or at least not for actions that require sensitive information.


As for WEP protocol, it offers limited security levels, which means an attacker could easily find the network password using simple techniques in just a few minutes. This would mean that devices connected to such networks would be exposed. As regards WPA and WPA2 protocols, they are also subject to many attacks, but they require attackers to have more time and skills to be successful.


With this mind, it is interesting to see an overview of wireless networks found at an international level, through the app we talked about earlier:



If we analyze the networks found from January 2015 to January 2017, we can see that the quantity of open networks has reduced by more than 50%, amounting to just over 1% of all the networks surveyed, which on the face of it seems like quite a positive change. However, if we take into account the actual number of networks, the picture looks more alarming, as it amounts to more than 3 million open Wi-Fi networks and almost 28 million with weak encryption like WEP.



Conclusion

The dangers of using or browsing on unsecured networks include loss of privacy, personal identity, and integrity of data or digital communications. While the trend shows that unsecured networks are gradually reducing in number, there are still more than 30 million of them out there, and there must be many more millions of users who are using these networks without any kind of protection.

While other protocols are susceptible to other types of attacks, the conditions required in order to carry them out make them more secure, so it is always advisable to use WPA2 protocol whenever possible.

Wardriving is a relatively old technique, but its results are still very valuable, not only in relation to security, but also as an indicator of how the use of wireless networks is changing. Several years ago, surveys were carried out from airplanes, and today, they are done from unmanned planes or drones.


Image credits: ©Travis Goodspeed/Flickr


About Version 2 Limited

Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.


About ESET

Founded in 1992, ESET is a global provider of security software for enterprises and consumers. ESET’s award-winning, antivirus software system, NOD32, provides real-time protection from known and unknown viruses, spyware, rootkits and other malware. ESET NOD32 offers the smallest, fastest and most advanced protection available, with more Virus Bulletin 100 Awards than any other antivirus product. ESET was named to Deloitte’s Technology Fast 500 five years running, and has an extensive partner network, including corporations like Canon, Dell and Microsoft. ESET has offices in Bratislava, SK; Bristol, U.K.; Buenos Aires, AR; Prague, CZ; San Diego, USA; and is represented worldwide in more than 100 countries.