Friday, August 8, 2008

War Driving & Data Breaches

by Felicia Donovan

A major news story broke a few days ago: 11 individuals have been arrested and charged in the TJ Maxx data breach revealed back in January, 2006. Many people probably saw the announcement on the news and didn't pay much attention to it, but the entire episode matters not only to those in the computer security industry, but to anyone who is running a wireless network - even the one you may have set up in your own home.

The TJ Maxx breach included many other favorite retailers such as Barnes & Noble (gulp), Office Max, Bob's Stores and Marshall's. It was, to date, the largest data breach reported, with an estimated 50 million credit and debit cards breached.

What makes this breach so incredible is that the thieves initially gained access to the store's computer networks by "war driving." Remember the 1983 movie, "War Games," starring a very young Matthew Broderick? The young teen hacked into what he thought was an on-line computer game, but was a NORAD network and almost launched WWIII.

The term "war driving" has its roots in that movie and refers to people who drive around looking for open wireless networks to penetrate. In fact, the open networks are readily mapped and accessible via the Internet for others to see.

It takes very little equipment - a laptop, software and antenna - all of which are widely available, to war drive.

In THE BLACK WIDOW AGENCY series, my character, Alexandria, is a former hacker who loves to war drive.

That's fiction, but the reality is that if Alexandria were to drive around your neighborhood, it's very likely that she'd find lots of open, unsecured wireless networks because so many people overlook the importance of locking their wireless access point down. Mind you, Alexandria would only infiltrate a network to get the goods on someone who had mistreated his wife or girlfriend, but in the real world, someone could easily infiltrate your network and do lots of nasty things.

They could "borrow" your Internet service to launch a "Denial of Service" attack on someone else's computer or "sniff" the packets of data traveling through the air using a special software program to steal your credit card information as you ordered on-line. This sniffer might also glean your username and passwords to your bank account that you routinely check on-line. Or, maybe they'd use your Internet connection to download sexually explicit images of children so when the police trace the path back, they knock on your door.

That's why you need to lock your wireless network down, meaning you follow all the instructions that came with it including changing the SSID (the name of your network that is broadcast) so it is not identifiable back to you like "123 Main Street." It means you change the default username and password as soon as you set it up and make both something that is not easy to guess. It means you use the highest encryption level you can based on whatever your computers can handle. It means you do your job of keeping your anti-virus software and operating system up-to-date on your computer to further reduce your risk. These are the minimal steps you need to take to ensure security. And by all means, if you're not sure about what to do, find someone reputable who can help you. It's that important.
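For readers who like to check things for themselves, here is an added illustration (not part of the original post) that reviews a list of your own networks against the steps above: an SSID that identifies you, a factory-default name, and missing or weak encryption. The tab-separated input format, the sample networks, and the short list of default names are all constructed assumptions.

```python
import re

# Constructed sample input: one "SSID<TAB>encryption" line per network, typed in
# from your own router's status page or your laptop's list of networks.
SAMPLE_SCAN = "123 Main Street\tWPA2\nlinksys\tNone\nBlueHeron\tWEP\nquiet-otter-42\tWPA2\n"

# Assumed, illustrative list of factory-default network names (not exhaustive).
DEFAULT_SSIDS = {"linksys", "netgear", "dlink", "default", "belkin54g"}

# An SSID that starts with a house number and contains a street word.
STREET_RE = re.compile(
    r"^\d+\s+\w+.*\b(street|st|avenue|ave|road|rd|lane|ln|drive|dr)\b", re.I)

ADVICE = {
    "identifying-ssid": "rename the network so it does not point back to you",
    "default-ssid": "factory name; default username/password may be unchanged too",
    "no-encryption": "turn on the highest encryption your computers can handle",
    "weak-encryption": "WEP is easily broken; move to WPA2 if your devices allow",
}

def audit_network(ssid, encryption):
    """Return the list of finding codes for one network."""
    findings = []
    if STREET_RE.search(ssid):
        findings.append("identifying-ssid")
    if ssid.lower() in DEFAULT_SSIDS:
        findings.append("default-ssid")
    enc = encryption.strip().lower()
    if enc in ("", "none", "open"):
        findings.append("no-encryption")
    elif enc == "wep":
        findings.append("weak-encryption")
    return findings

def audit_scan(text):
    """Map each SSID in the tab-separated listing to its findings."""
    report = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        ssid, _, encryption = line.partition("\t")
        report[ssid.strip()] = audit_network(ssid.strip(), encryption)
    return report

if __name__ == "__main__":
    for ssid, findings in audit_scan(SAMPLE_SCAN).items():
        print(ssid, "->", "OK" if not findings else "")
        for code in findings:
            print("   ", code + ":", ADVICE[code])
```

A network name alone cannot tell you whether the router's default username and password were changed, so a "default-ssid" finding is a prompt to log in to the router and check.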

I don't expect everyone to follow this advice. It's your choice as a homeowner, but gee whiz, big corporations ought to know better. That's YOUR data they're exposing to identity theft. The actual cost of the breach is estimated to be a staggering $256 million. Who do you think will eventually pay for that?


Joe Moore said...

Do you make house calls?

Sarah G said...

Is there a way to tell how many people are using your wireless? Also: how does this 'sniffing' work? What sort of software/function does this involve? I know how to pull up which network I'm connected to, but that's it.

Lisa Haselton said...

I'm just reading your first book now and am amazed at the detail you put in about this. It is scary! I use something called Hotspot Shield when I use wireless in a cafe - to keep other patrons from getting into my system, but I need to check on the other things you've mentioned.


Felicia Donovan said...

Joe, sorry, you couldn't afford me : )

Sarah, there are many sniffing programs out there, one of the more common ones being NetStumbler. They operate in listening mode so they're hard to detect. One symptom of possible sniffing is that your Internet connection runs very slow for no apparent reason.

Lisa, I'm happy you're enjoying The Black Widow Agency. You're smart to use HotSpot Shield. It's one of several products that reduce "sidejacking" or penetrating laptops by establishing a Virtual Private Network. Personally, I'm not a fan of public hot spots.

G.M. Malliet said...

Great, scary post!

Anonymous said...

In a world in which computer networks are involved in nearly every facet of business and personal life, it is paramount that each of us understand the basic features, operations and limitations of different types of computer networks.