That suspicious car might be casing your network

by ISABEL ESTERMAN

At first, Lee, an artist who lives in Montclair, thought the white van driving up and down his street last month was just one of the many motorists who get lost trying to find their way to nearby Highway 13.

“I wasn’t necessarily suspicious– I actually thought the gentleman was lost,” said Lee, who asked that his last name not be used. “He was backing up and down the street. I walked up to see if I could help him.”

When he got closer, Lee said the he saw the man was “quite clearly up to something.” The side of the van was open, Lee says, and inside he saw between six and ten laptops of different models and makes, on a set of shelves that looked homemade. “They were all open, all running, with cell phones either taped to the side of the monitor rather crudely, or quite close.”

As Lee approached, the man got aggressive.  “When I got close to him, he pretty much freaked out,” Lee said. “He jumped back into the van.  I just asked if he needed help.

Lee says he had heard warnings from neighbors about people cruising the streets looking for unsecured wireless networks.  So he called 911.

Lee hoped his presence would scare the man off, but instead the man sat in his van beckoned for Lee to come closer.  Lee says he couldn’t see clearly inside the van, but that he heard a sound he thought was a gun being cocked.  So he retreated to his lawn, he says, and kept trying to contact the police.

“I got a lawn chair and watched him,” said Lee.  “He didn’t leave until a second neighbor drove up.”

The police finally arrived about 40 minutes after Lee’s first 911 call, Lee said.  “The officers that showed up were very understanding,” he said.  But while threatening someone with a gun is clearly a crime, driving around with a van full of laptops is much more of a legal gray area.

The practice Lee believes he witnessed is known as war driving, says Scott Jackisch, owner of Oakland-based computer consulting company Globalize Networks.  As a hobby or as a criminal endeavor, people drive around with wireless devices looking for networks to log into. “What’s horrible is they actually post GPS coordinates of unsecured access networks,” Jackisch says.

As long as this hunt for networks remains recreational, it is essentially no different than when an ordinary citizen logs into a neighbor’s wireless network.  And nobody seems to be quite sure whether such behavior is illegal.

“It’s something we are aware of, and it does happen fairly regularly,” said Officer Steve Chavez, a theft investigator for the Oakland Police Department.  But actively combating war driving is beyond the authority of a local police department, says Chavez. “It would be like policing the internet, and that’s something we just can’t do.”

In 2006, the California legislature passed a law requiring manufacturers of wireless routers to notify consumers about the risk of personal information being spread through an unsecured wireless network.  In the same law, however, the legislature acknowledged there is still disagreement about the legality of unauthorized log-ins to an open wireless network.

A set-up like Lee describes, though, is unlikely to be used by someone just looking for a place to check email.   One possible explanation is a hacker looking for untraceable access to the internet, says UC Berkeley computer scientist David Wagner, who specializes in computer security.  Internet crime can be traced back to an Internet Protocol (IP) address  — the numerical signature internet service providers assign to each internet connection — but law enforcement can only use IP information to identify a network, not a specific machine or user, Wagner says. Other computers logged into a network in a home or a public place aren’t affected if one user takes advantage of this anonymity to commit a crime, says Wagner, though it is possible the network owner “might have a police officer knocking at the door” if activity on the network results in a criminal investigation.

In recent years, the most high-profile example of this kind of case has been the Recording Industry Association of America’s attempts to track down people who illegally download copyrighted music.

Innocent network owners probably have little to worry about, though. “Once we go to where the IP address sends us, and it’s a free and open environment, we can’t make arrests,” says Chavez.  “We can’t very well tell Starbucks ‘Hey, don’t let people use the internet for identity theft.’”

However, network users can be at risk if a criminal is trying to use an open wireless connection to hack into other computers on the network.  Both Chavez and Wagner point to the department store TJ Maxx as an example of what can happen when a network is breached.  Between 2005 and 2007, millions of credit and debit card numbers in the company’s databases were stolen, and authorities believe the crime was committed by war drivers who established a connection to an insecure wireless network and installed programs that allowed them to intercept payment information.

Criminals are much more likely to target a business network like TJ Maxx’s than a residential one. “There’s a lot more money and a lot more sensitive data,” says Wagner. “This much effort for a single machine is kind of small potatoes.”  But it’s relatively simple to do, and a criminal could snoop around for personal data while in the process of using an internet connection for other purposes.  “We’re talking about people who do illegal, extremely nasty things,” says Wagner.

“If you have file-sharing turned on, once they’re in your network, they can look at your files,” says Ralph Morewitz, who runs  an East Bay consulting service as “The Computer Maven.”  Personal documents like tax returns or health records contain important identifying information such as social security numbers, addresses and birth dates. “That’s everything you would need to open up a credit care account and rack up bills in another state or even another country,” cautions Jackisch.

A criminal hunting for this kind of information would have to open files, says Officer Chavez, and people who think they may have been a victim of this kind attack can look at  their computers’ history to see when documents were last opened.   Otherwise, Chavez says, this kind of intrusion leaves no trace until further crimes have been committed.

Anyone worried about identity theft should carefully review bank statements, credit card records and credit reports for any unusual activity. And victims of identity theft by computer should be especially cautious about their online accounts, adds Morewitz. “If suddenly you can’t get into one of your accounts, be very suspicious,” he says.  “Check for charges and transactions.”  Identity theft-victim or not, Morewitz says, people can help protect their accounts by changing passwords and double-checking security.

It’s also possible that a hacker could use a wireless network to infect computers with software that allows remote users to use them as a base for launching spam attacks (known as building a “bot network”). Having a computer infected with spamming software is minor compared to identity theft, said Jackisch, but still a significant irritation – both for the person whose computer is infected, and for whoever is on the receiving end of a spam attack.  “It’s theft of services, using your bandwidth,” he says. “You’d see unusual errors, like your browser crashing unexpectedly, or being taken to strange homepages, and a noticeable slowdown in services.”

There are also basic steps all wireless users should take to protect themselves.  First, says Jackisch, everyone should have up-to-date anti-virus and spam-blocking software, and the latest updates and service packs from their software manufacturer, which often fix known security problems.

People should also protect their networks with Wi-Fi Protected Access (WPA) security – an option available on all wireless products made after 2003 – and not the older Wired Equivalent Privacy (WEP) security, both Jackisch and Morewitz stress. “Otherwise,” says Morewitz, “anyone can get in.”

WEP security might block a freeloading neighbor, but an expert hacker can decrypt it in a matter of minutes.

“It’s like leaving your front door open, or leaving your computer out on the sidewalk,” says Jackisch “Your neighbor wouldn’t touch your computer, but if a hacker happened to see your computer…”

However, Wagner –who himself runs an open wireless network, because he sees it as “a neighborly thing to do” — reminds users that the vast majority of identity theft happens in other ways, like phishing for data through fake websites, or breaking into commercial databases.  Consider storing sensitive files on removable storage devices, he says, keep your machine fully patched, and be very careful about transmitting personal information over the internet.

“The internet is an incredibly useful, wonderful place and I don’t want to scare anyone off, because it can enrich your life in so many ways,” Wagner says.  “Just use a little bit of caution and a little bit of common sense.”

http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg

http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg|http://oaklandnorth.net/wp-content/uploads/2008/11/img_5282.jpg