Wardriving gang targeting small firms
Posted on 25 April 2011.
A group of individuals who are believed to have been engaged in wardriving around Seattle and stealing personal and financial information from networks belonging to small area businesses during the last five years, are currently being investigated by the local police.

Apparently, the gang has been using a black 1988 Mercedes Benz - customized with a range-boosting antenna, a Wi-Fi-enabled laptop with a passenger-seat mount and tinted windows - for driving around and searching for WEP encrypted WiFi networks.

The Wired Equivalent Privacy encryption is known to be easily breakable and is rarely used today. But, as Computerworld notes, most routers built between 2000 and 2005 have been using it by default.

And while major companies have ramped up their defenses and have mostly changed the encryption standard to WPA and WPA2, a lot of small businesses have failed to do so because they believed to be too small to attract the attention of criminals, or simply because they didn't have anyone in the company who thought about these things.

It is precisely this way of thinking that was taken advantage by the wardriving group. The Seattle police has been tracking the Mercedes since February 2010, and has finally seized it last October when its owner was arrested for allegedly paying the tab at a local bar with stolen gift cards.

The investigation came to light because of a request filed in court for permission to seize the car. It is still unknown whether the suspects in this case have been charged with anything.


Why vulnerability disclosure shouldn’t be a marketing tool

Brian Honan, CEO at BH Consulting, talks about a recent vulnerability disclosure trend – a trend that he believes may ultimately cause more harm than good: security vendors using vulnerability disclosure as a marketing tool with the goal of enhancing their company’s bottom line.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Wed, Jul 1st