http://www.asahi.com/english/Herald-asahi/TKY200705180101.html By Yoshitaka Sumida THE ASAHI SHIMBUN 05/18/2007 Prepaid wireless network cards provide convenient Internet access anywhere, but in the wrong hands they can be misused to commit fraud. And this amounts to an open invitation to "wireless hackers," whose numbers are proliferating. Prepaid wireless network cards are the tool of choice because they leave no tell-tale fingerprints, which allows perpetrators to slip away undetected into cyberspace. If card distributors were to confirm the identity of the purchaser, this could be avoided. But if the retailer skips the process then no record of the customer is retained. Police investigating a hacker attack may be able to track down the prepaid wireless card but they will be unable to find the hacker who used it. To prevent their use in the commission of a crime, the National Police Agency will require distributors to push for more comprehensive customer background checks. Wireless network cards work when they are inserted into ports on personal computers to wirelessly enable them at any location where PHS or cellphones can be used. The cards are sold with a variety of Internet access plans to meet a user's needs. A prepaid card includes Internet access and communication fees for a certain time period. They are hassle-free as no further billing is required. That is why some distributors allow retailers to forgo ID checks. According to the National Police Agency, crime involving the cards began cropping up three years ago. In 2005, police nationwide made arrests or sent papers to prosecutors in 271 illegal Internet access cases. Of the total, 28 cases involved prepaid cards. Police investigations into illegal Internet access involve tracking down the source by checking the access record of the server that came under attack. If the network was accessed via cable, the user can be identified via the Internet service account. However, in cases where a prepaid card was used, and the retailer failed to record customer ID, it is only possible to get to the card used in a wireless attack, but not to the "hacker" as there is no Internet service contract record. According the National Police Agency, police were aware of 592 illegal access cases in 2005, through complaints made or suits filed. However, as of May 2006, investigations had gone cold in 31 of the cases that involved prepaid cards. But through diligent cyber sleuthing, some cases have been cracked. In September 2005, police in Ibaraki Prefecture broke a fraud and illegal access case after 16 months of detective work and arrested a man and a woman who had no fixed address. The pair, who were constantly on the move in their vehicle, sold nonexistent merchandise on Internet auction sites using a wireless network card. Some 340 gullible buyers were allegedly duped into paying a total 80 million yen to the couple. Police were able to trace their network card via Internet access records. However, the retailer had not confirmed the purchaser's ID. So the police traced PHS signals to locations of origin, and tracked down a suspicious vehicle that was traveling in and out of the area. The car was tailed from Itabashi and Ikebukuro in Tokyo to Saitama, before police arrested the couple on suspicion of fraud. In July 2006, the Ishikawa prefectural police tracked down a group that was trafficking pornographic DVDs. In this case, the retailer had not ID'd the purchaser of the prepaid card used in the crime. To complicate things further, the card had been given to another user. But the Ishikawa police got a lucky break. The original purchaser used a point reward card issued by the retailer--made out in the real name--when buying the card. This allowed the police to identify the suspects. _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Thu May 17 2007 - 23:41:38 PDT