What is wardriving? Definition and explanation
Wardriving – definition
Wardriving in cyber security is the act of looking for publicly accessible Wi-Fi networks, usually from a moving vehicle, using a laptop or smartphone. The software used for wardriving is freely available on the internet.
The term derives from the 1983 movie WarGames. In the movie, the character played by Matthew Broderick engages in an activity called war dialing, which involves using a computer to dial multiple phone numbers to identify a working modem. Wardriving is seen as an evolution of this process.
What is wardriving?
Your smartphone sometimes tells you that there is a wireless network available and asks if you want to connect to it. That's because when your smartphone's wireless capability is turned on, it's constantly scanning for Wi-Fi, so it knows when you happen to pass by an available network. At its most basic level, that’s what wardriving is.
Wardrivers use hardware and software to find Wi-Fi signals in a particular area. Often, their objective is to identify vulnerable Wi-Fi networks that they can exploit. From moving vehicles (the ‘driving’ part of wardriving), they attempt to locate vulnerable networks for later potential use in attacks (the ‘war’ part of wardriving). Once found, wardrivers may submit the information to third-party websites and apps to create digital maps.
Motivations for wardriving can be malign or benign. Malign motivations might include wardrivers seeking out unsecured Wi-Fi so they can steal personal or banking information, or using an unsecured network for criminal activity that the owner of the network then becomes liable for. Benign motivations might include ethical hackers trying to find the security flaws of a network to highlight vulnerabilities and improve overall security.
Depending on the mode of transportation, variations of wardriving include warbiking, warcycling, warwalking, warjogging, warrailing, wartraining, and warkitting. Wardriving is sometimes also known as wireless network mapping or access point mapping.
Wardriving has been around since the early days of the internet when wardrivers would roam around trying to identify unprotected Wi-Fi access points. However, it has become less popular in recent years, mainly because wireless networks – with WEP giving way to WPA, WPA2, and WPA2 – have become more secure.
While the premise behind wardriving derives from the 1983 film WarGames, the word itself was coined by a computer security researcher named Pete Shipley. In 2000, he was able to author scripts to interface with his GPS to automate the process that became known as wardriving. The scripts he developed were able to read the coordinate information on the GPS device and enabled him to plot Wi-Fi access points on a map. This capability removed the need to write down one's physical location while driving when seeking out unsecured wireless access points. At the time, Shipley discovered that only 15% of the Wi-Fi networks in the areas he surveyed were protected by encryption.
How does wardriving work?
Wardrivers use a mix of software and hardware to carry out their aims. This typically includes:
- A mobile device – such as a smartphone, laptop, or tablet.
- Wireless network card and wardriving antenna – some wardrivers use their phone's built-in antenna, while others use a wireless network card or antenna to improve scanning capabilities.
- Wardriving software – this allows wardrivers to bypass network security. Popular choices include KisMAC, Aircrack, Cain & Able, CoWPAtty, iStumbler, InSSIDer, and WiFiphisher.
- GPS, either from a smartphone or standalone device – without this, wardrivers won’t be able to pinpoint the location of the vulnerable network.
Some wardrivers try to find all the wireless networks with vulnerabilities in a specific area, while others are content to locate a single vulnerable network. The wardriving data can be uploaded to certain websites or apps, which then use it to build a digital map of networks in a neighborhood.
If hackers access your network through a wardriving attack, they could potentially engage in malicious activities like installing malware on your home computer and other connected devices. They could also carry out online frauds such as identity theft, using the private data they obtain from the computer and other devices connected to your network.
Is wardriving illegal?
In short, no: there are no laws that prohibit people from gathering or collecting data from wireless networks or creating computer-generated maps. That said, wardriving can be illegal when it involves exploiting insecure networks to access private information.
Wardriving isn't always considered unethical. The wardriving data can be shared on some resources or website, which could develop digital maps of networks of a certain area. It could be compared to making a map of a street’s house numbers for mailbox labels. Interested parties can then legally use this data for a range of purposes. However, because attackers can use this information for unethical purposes, this is a grey area when it comes to privacy.
A commonly cited example of the gray area around wardriving is Google’s Street View, which involves cars recording footage for interactive, online panoramas. Street View was used for wardriving by Google, which used equipment to locate local-area networks (LANs), wireless hotspots, and home Wi-Fi networks. However, following a privacy storm in some countries, Google has been using Android-based mobile devices to gather this data.
How to prevent wardriving attacks on your network
Some of the network security practices you can follow to minimize the risk of a wardriving attack include:
Turn off your Wi-Fi network when not in use
When nobody is home or using your Wi-Fi router, turn it off. This will prevent the network from being accessed by hackers.
Change your router’s default factory password
Wi-Fi router manufacturers typically assign a standard username and password to help users quickly set up and configure the device. These default credentials may be known to hackers, so changing the login to a unique name and password combination is important.
Use multi-factor authentication
Multi-factor authentication is when two or more steps are required to log into a system. You may combine a password requirement with a code sent to your mobile phone that you need to enter to proceed. This provides an added layer of security between hackers and your information.
Choose the highest network security protocol possible. This means using a router with up-to-date, secure encryption like Wi-Fi Protected Access 2 (WPA2) or WPA3 and allowing router access by passwords only.
Add a guest network
Set up a guest Wi-Fi network for visitors and smart technologies that connect to the internet to limit the access of less secure devices.
Install a firewall
Firewalls are essential in protecting networks because they monitor access requests and block any activity from unapproved sources. Use firewalls to add an extra layer of security to your standard Wi-Fi setup.
Disable SSID broadcast
Your SSID (Service Set Identifier) is broadcast by your network by default so that devices can find it and connect to it. This may not be necessary for your home network, and disabling this function will decrease your chances of being found by hackers. Advanced software could still find the network, but it will be more difficult.
Keep your devices up-to-date
Install the latest updates to ensure your hardware and software benefit from the latest security patches. Patches address the security flaws that could leave your network vulnerable. You can update the firmware via the router’s admin panel (access it by typing the router’s IP address into your browser).
Although wardriving can be a real security threat, it doesn’t have to be a hazard to your home wireless network. You can keep your network and data locked down by taking sensible precautions. The best way to stay safe online is by using a comprehensive antivirus such as Kaspersky Total Security, which works 24/7 to secure your devices and data.