Wardriving is the act of searching for wireless networks while moving around a specific area in a moving vehicle. It involves using equipment which typically includes a GPS device and laptop.
What is the purpose of wardriving?
In a cybersecurity context, the purpose of wardriving is to find vulnerable networks to exploit. Wardrivers will gain unauthorized access to these networks and steal personal information or use them for criminal activities. In other cases, the wardrivers may not be the ones who carry out the attacks themselves. But they will share information of these unsecured networks with third-party apps or websites.
[Never a dull moment in tech. Keep up by getting the ExpressVPN Blog Newsletter.]
Wardriving is undertaken for a variety of reasons, ranging from the benign—like education, research, site surveying, and as a hobby—to the malicious, where attackers track and gain access to your network with the goal of stealing sensitive information like bank account details.
It’s not just in cars. Other variations on the practice include warbiking, warcycling, warwalking, warjogging, wartraining, and warskating—which as you can probably guess from their names, involve different modes of transport. Each variation has its pros and cons, namely that they might cover different types of terrain and geographic density.
The name wardriving evolved from wardialing, an exploit technique seen in the 1983 film WarGames. Wardialing involves dialing all numbers in a given sequence—usually in a specific area code—in search of modems, computers, fax machines, or servers.
How does wardriving work?
Wardriving requires a combination of software and hardware to work. These typically include:
- A mobile device like a smartphone, laptop, or tablet
- Wardriving software to bypass network security
- A wireless network card and a hi-gain antenna
- GPS, usually from a smartphone or a standalone wardriving device
For starters, wardrivers need to have a smartphone or laptop on which they install the wardriving software to carry out the wardriving attack. The wardriving software will help them crack Wi-Fi passwords and decrypt the discovered networks. Attackers will also use GPS, which determines the locations of the Wi-Fi networks.
After identifying vulnerable networks, wardriving attackers will upload such information to wardriving software and create a map of these vulnerable networks.
Is wardriving illegal?
While the practice itself isn’t illegal, there are aspects that are legally vague. For example, the practice of searching for and cataloging Wi-Fi networks is perfectly legal, as this would be a passive action and considered an exercise in data collection. Where it gets tricky is if wardrivers begin actively interacting with Wi-Fi networks, where “interaction” constitutes access to a private network.
Taking this one step further is the concept of piggybacking, the act of accessing and using another person’s Wi-Fi connection without their knowledge or permission. The legal status of piggybacking varies across the world, ranging from ill-defined to illegal.
In the U.S., a commonly cited example of how to define unauthorized access of a network is the case of State v. Allen, 260 Kan. 107 (1996). During this case, the court differentiated between approaching a network and attempting to gain access. They also ruled that, approaching a network without permission was legal, attempting to access it without permission is not.
For wardriving, one possible interpretation is that scanning for nearby Wi-Fi hotspots is legal while attempting to gain access to the hotspots is not.
What tools do wardrivers use? (software & hardware)
Wardriving software or apps
Wardrivers often use software applications that give them the ability to discover surrounding Wi-Fi networks, test signal strength, and bypass network security.
Smartphone or laptop
Wardrivers need a smartphone, laptop, or tablet in which they install the wardriving software mentioned above to manage the whole wardriving process.
The GPS system will determine the exact location of the vulnerable network. The wardriver will use the GPS from either a smartphone or standalone wardriving device.
Wireless network card and antenna
Wardriving antenna allows the wardriver to identify vulnerable networks. Typically, they’ll mount an antenna to their car while it moves around in search of vulnerable networks. In other cases, some wardrivers may use their phone’s built-in antenna.
Tools for generating maps
Wardrivers will also use crowd-sourced databases to generate maps of discovered Wi-Fi networks.
How can I protect myself against wardriving?
Protecting yourself from wardriving comes down to securing your Wi-Fi network. The good news is—there’s a lot you can do to protect your network and keep the wardrivers away.
Use a VPN router
The best way to protect your Wi-Fi network from wardrivers is to use a VPN router. While standard routers enable you to set a password on your Wi-Fi, a VPN router takes it one step further and encrypts all traffic moving to and from all your devices connected to your network. This keeps them safe from your internet service provider, hackers, and governments.
Turn off your router when you’re not using it
Your router broadcasts Wi-Fi signals when it’s turned on. To prevent attackers from locating your network, turn off your router when you aren’t using it.
Change your router’s default username and password
Your router has an admin interface, from which you can change your network settings using the default username and password. Routers from the same maker usually have the same default ones, so it isn’t difficult for wardrivers passing by to sign in to your admin interface. From there, they can do different things—from locking you out of the router with a new password to hijacking your network.
Read more: Guide: When and how to reset your router
Use multi-factor authentication
If possible, enable multi-factor authentication for your router’s settings page. Any login attempts will send your device an alert and keep you aware of unauthorized access. Though, not all routers allow enabling multi-factor authentication.
Use the highest network security protocol
As the operator of a Wi-Fi access point, you should always use WPA2 as it is still the most robust standard.
Add a guest network
A guest network gives your friends and visitors access only to your internet connection, and nothing else! It is a separate access point and isolated from the standard network your devices are connected to. That means visitors and wardrivers can’t see or access your devices. Most importantly, they can’t accidentally compromise your devices or your network in any way.
Install a firewall
Firewalls can detect and block unauthorized access to your network. It adds an extra lawyer of security to your network and all your devices connected to it. Learn more about how firewalls work.
Keep your devices up-to-date
Keeping your devices updated can fix bugs and reduce vulnerabilities. This includes your router’s software and the operating system of all the devices connected to your network.
FAQ: About wardriving
Is wardriving a real threat?
Wardriving has become a less popular method of hacking in recent years, mainly because wireless networks have become more secure. That said, it can still be a real threat and do harm to your Wi-Fi network. It’s always wise to take preventive measures and secure your Wi-Fi network—from installing a VPN on your router to keeping your software updated.
What is the point of wardriving?
The purpose of wardriving is to find vulnerable networks to exploit. This involves stealing personal information and committing crime using these networks. In other cases, wardrivers may share information of these unsecured networks with third-party apps and websites.
How can wardriving affect you?
What type of information can be gathered by wardriving?
Wardriving attackers can collect information about Wi-Fi networks, such as the security or encryption type, location, and network name.