You may not realize it, but in most major U.S. cities computer data is being broadcast through the air — just like FM radio waves or TV signals. In this post-Sept. 11 era, when everyone is extra vigilant about safety and security, those data broadcasts could be a big headache for Internet security watchdogs.
TODAY, 7 million people access wireless networks this way — but so do computer hackers, who have learned how to listen in on the zeros and ones flying around.
There are fears that computer-controlled power grids, telephone networks, even water treatment plants could be attacked via computer.
But even as security experts sound the alarm, data is being spread faster, farther and wider. And hackers can tune in — just like you tune in your car radio:
“Most everything connected to the Internet is vulnerable to some degree,” said Kevin Poulsen, a former hacker who now writes about computer security issues for SecurityFocus.com and goes fishing for networks in his car now just to prove a point.
“This is an SS i.d., this is the most important thing ... ”
Hackers call this ‘war driving’. Remember the Matthew Broderick movie ‘War Games’? A hacker in that movie programmed a modem to dial sequentially through phone numbers in search of a computer with an open front door. He dubbed that “war dialing.”
“War driving” is similar. Instead of dialing thousands of phone numbers, hackers now shuttle around the neighborhood looking for vulnerable systems.
Just for fun, we went for a lunchtime drive and found dozens of networks broadcasting data right out to the street.
What does it mean when Poulsen’s equipment starts beeping?
“That means that we picked up a wireless network,” he says.
So what does that let us do?
“If they’re not using encryption, then we can likely hop onto their network, intercept their traffic, go out to the Internet or attack hosts within their own network.”
On a rooftop, armed with a small dish-like antenna aimed at office buildings we get more.
“BEEP.”
Poulsen has got something. “Its encrypted. Good to see.”
But fragile wireless networks are just the tip of the iceberg for Poulsen.
“We know that other critical infrastructures like the power grid, telecommunications system, the phone lines, water distribution all rely on computer networks.”
Computers aren’t secure, so computer criminals still have the upper hand. But would terrorists attack using these methods? Poulsen was the first to report that al-Qaida agents were studying computers that control water systems here in the United States.
“If at the same time that a serious terrorist attacks happens, our phones stop working … or our power goes out, it would amplify things considerably,” he says.
Stories about fragile computers have mounted in recent years — but since Sept. 11 the stakes are much higher in the world of computer security.