A couple of buddies get in their car on a Saturday morning. They’ve got
steaming coffees and a laptop. As the passenger boots up the computer, the
driver pulls out and banks a left onto a busy downtown Boston street. But in
this scenario, it doesn’t have to be Boston. It could be Chicago, New York,
Duluth or Portland. What happens next could happen anywhere.
As they drive around town, passing major banks, investment firms and
up-scale retailers, the laptop comes to life beeping excitedly. The buddies
laugh victoriously, taking notes and plotting points on a map. These guys
are called war drivers… and they could be a security or IT manager’s best
friend or worst nightmare. It all depends on how secure the company’s
wireless network is and what the war drivers’ intentions are.
War drivers, often using freely downloaded software, are roaming streets
around the country scanning for unsecured wireless connections. Think of it
as a live-action, high-adrenalin version of the old video game, Pac Man.
They’re driving around trying to find or `gobble up’ as many unsecured
connections as they can. The more they find, the more better they’re doing.
To the war driver, it’s a sport or a game. It’s a lot more serious, however,
to the IT manager or security administrator running those networks.
War drivers using NetStumbler, a wireless LAN discovery tool that can be
downloaded for free, can submit their network findings to the
NetStumbler.com Web site. Those findings can be added to a national map of
wireless networks. Recent reports noted that the map showed more than
100,000 access points across the country. But Wayne Slavin, founder of
NetStumbler.com, says that number is out of date. So many new access points
have been plotted out that he can’t even keep track of them at this point.
“War drivers are independent security vigilantes almost,” says Slavin, who
earns his living as a sales engineer with Lindows.com. “This is about
security. It’s about letting people know there’s this fantastic new
technology out there and it will revolutionize networking. But be aware of
what comes with that. Be aware that you might deploy a wireless network
that’s open to anybody who drives by with a laptop computer. Be aware that
you need to protect your data. This is a tool to see how secure you are.”
Most Wireless Networks Unsecure
The problem is that most companies using wi-fi connections still are not
aware of the risks. Or if they are aware, they haven’t had the time or the
budget to secure their wireless connections. Slavin estimates that 80
percent to 85 percent of wireless connections are unsecured today. That’s
just a little higher than many analyst estimates that put the figure around
Whether it’s 80 percent or 70 percent, that’s still a lot of unsecured
And that’s a big problem.
An unsecured wireless network doesn’t just mean that someone could sit down
on a bench across the street from a mortgage company and hitchhike on the
wireless connection to email her mother or order a new L.L. Bean backpack
online. It means the person sitting on that bench or in a car parked across
the street or in an office building next door could enter the mortgage
company’s network. She could be one giant step closer to critical financial
information. She could be one giant step closer to wreaking havoc on an
“From a company standpoint, the fear is that anybody could come in through
a wireless access point and connect into the corporate LAN,” says Ken
VanWyk, founder and principal consultant with KRvW Associates, LLC, an
Alexandria, Va.-based IT security consulting firm. “Think of it like it’s
crunchy on the outside but soft and chewy on the inside. If somebody can
completely bypass the firewall you’ve put up, then in most cases, it’s very
easy to get access to internal servers.
“Once they’re in, it’s just like they’ve plugged into a network from a
conference room or a person’s office,” adds VanWyk. “That means they’re
free to browse through the network looking for misconfigured servers and
VanWyk adds that any executive who wouldn’t want a business rival to waltz
into his boardroom and plug a laptop into his network, should make sure his
wireless access points are secured.
But as it is with most new technologies, many companies are far more
concerned with staying current and getting the new gadgets hooked up.
They’ll worry about security later. Or it could be a matter of the budget
having room for new wireless technology but not having room this year for
the necessary security to go along with it.
Danger of Rogue Connections
Another problem, according to Rick Doten, director of vulnerability
assessment at Herndon, Va.-based NetSec, Inc., is when the IT manager or
security administrator doesn’t even know there’s an unsecured wireless
connection coming into the company. A rogue connection.
“People can go to Best Buy and get an access point for under $100,” says
Doten, who adds that he’s found them hidden under desks and in filing
cabinets. “These are internal people who aren’t trying to be malicious.
They want the convenience of having a wireless access point but they’re
creating an open door. The IT department doesn’t even know it exists, so how
can they fix it?”
NetStumbler, one of the many wireless network detection tools out there, can
be used to audit a corporate network, clueing IT managers in to whether or
not they have open access points.
NetStumbler’s Slavin says it’s a tool for the good guys. And most analysts
agree. But there is the fact that any access point detection tool could be
used by someone looking for a way to break into a corporate network, either
to cause mischief or to destroy data or steal information. Obviously, it’s
not the tool but the way it’s used.
And an unsecured wi-fi network is an open invitation to corporate spies or
Slavin notes that detection tools give IT managers the information they need
to correct access problems before the company suffers because of it.
“War drivers are not the bad guys,” says Slavin, who notes that there have
been 5 million downloads of NetStumbler. “They’re contributing to the
wireless community… Of course, how it’s used is a concern. But I think the
positives that have been had because of NetStumbler outweigh any of the
negatives. More networks have been secured than compromised by any tool out