[ISN] FC: FBI releases advisory about 802.11-spotting "wardriving"

From: InfoSec News (isnat_private)
Date: Wed Aug 14 2002 - 02:37:20 PDT

  • Next message: InfoSec News: "[ISN] Infosec means NOTHING to Joe SixPack"

    ---------- Forwarded message ----------
    Date: Tue, 13 Aug 2002 15:18:17 -0400
    From: Declan McCullagh <declanat_private>
    To: politechat_private
    Cc: billshoreat_private
    Subject: FC: FBI releases advisory about 802.11-spotting "wardriving"
    This letter is from last month but we haven't covered it on Politech
    before. Read it carefully: The FBI claims that using an open 802.11
    access point without explicit authorization may be a federal crime
    ("theft of services").
    From:    Bill Shore [mailto:billshoreat_private]
    Sent:    Monday, July 08, 2002 9:56 AM
    To:      billshoreat_private
    Subject: Wireless networks - Warchalking/Wardriving
              It has recently been brought to my attention that
    individuals/groups have been actively working in the Pittsburgh area
    as well as other areas of the United States including Philadelphia,
    and Boston, and the rest of the world for that matter, to identify
    locations where wireless networks are implemented.  This is done by a
    technique identified as "Wardriving."  Wardriving is accomplished by
    driving around in a vehicle using a laptop computer equipped with
    appropriate hardware and software http://www.netstumbler.com/ to
    identify wireless networks used in commercial and/or residential
    areas.  Upon identifying a wireless network, the access point can be
    marked with a coded symbol, or "warchalked."  This symbol will alert
    others of the presence of a wireless network.  The network can then be
    accessed with the proper equipment and utilized by the individual(s)
    to access the Internet, download email, and potentially compromise
    your systems.  In Pittsburgh, the individuals are essentially
    attempting to map the entire city to identify the wireless access
    points, see here,
    Also, check this article from pghwireless.com,
              Identifying the presence of a wireless network may not be a
    criminal violation, however, there may be criminal violations if the
    network is actually accessed including theft of services, interception
    of communications, misuse of computing resources, up to and including
    violations of the Federal Computer Fraud and Abuse Statute, Theft of
    Trade Secrets, and other federal violations.  At this point, I am not
    aware of any malicious activity that has been reported to the FBI here
    in Pittsburgh, however, you are cautioned regarding this activity if
    you have implemented a wireless network in your business.  You are
    also highly encouraged to implement appropriate wireless security
    practices to protect your information assets,
              There are several articles available with additional details
    including http://www.warchalking.org as well as
    http://www.pghwireless.com.  A copy of the coding symbols is attached
    in .pdf format.  If you notice these symbols at your place of
    business, it is likely your network has been identified publicly.
              If you believe you may have been compromised or if you have
    any questions regarding this activity, you are encouraged to contact
    the appropriate law enforcement agency.  The FBI office in Pittsburgh
    and High Tech Crimes Task Force can be contacted at 412-432-4000.
    Bill Shore
    Special Agent
    3311 East Carson Street
    Pittsburgh, PA 15203
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    Like Politech? Make a donation here: http://www.politechbot.com/donate/
    Recent CNET News.com articles: http://news.search.com/search?q=declan
    CNET Radio 9:40 am ET weekdays: http://cnet.com/broadband/0-7227152.html
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Wed Aug 14 2002 - 05:33:01 PDT