US federal law enforcement officials have warned companies
throughout the Pittsburgh area of a systematic effort to mark and
map nonsecured Wi-Fi 802.11b wireless access points throughout many
of the nation's major metropolitan areas.
Bill Shore, a special agent with the US Federal Bureau of
Investigation (FBI)'s Pittsburgh field office, sent an e-mail last
month to private-sector members of the local FBI Infragard chapter,
warning them of a process known as "warchalking", the physical
marking of a building or facility to denote an open wireless access
point.
Infragard chapters are local partnerships between the FBI and
businesses in particular geographic areas focused on cybersecurity
information sharing. There are 56 such chapters in the USA.
Shore likened warchalking to tramps marking public places that are
willing to provide a hot meal, or the way spies mark dead-drop
locations to exchange packages. Although the markings can be used
for legitimate purposes, such as denoting a free public access
point, officials fear that markings are being made on corporate
buildings - enabling hackers, and possibly even terrorists, to more
easily locate vulnerable wireless LANs.
The threat posed by warchalking, however, goes far beyond what
might be considered isolated incidents of scanning for the presence
of wireless networks.
"In Pittsburgh, individuals are essentially attempting to map the
entire city to identify the wireless access points," Shore said in
an interview. Although he said there have been no reports of
buildings in Pittsburgh being physically marked as they have in
other parts of the country, Web sites have popped up that provide
interactive digital maps denoting the precise locations of dozens
of Wi-Fi access points in cities such as Pittsburgh, Philadelphia,
Boston and Berkeley, California, as well as regions in northeast
Texas and various college campuses.
For example, a Web site called Zhrodague Wireless Maps (ZWM) allows
war drivers - those who go around looking for wireless networks -
to submit output from their war-driving adventures and then creates
digital street-level maps that show the location and signal
strength of 802.11b access points. In some cases, satellite photos
are used.
The site, which advertises itself as a service that puts "Wi-Fi on
the map," includes more than 28,000 entries from war-driving
results in Boston alone. It also provides maps for Germany and
Okinawa, Japan.
Another Web site, Warchalking.org, includes a message board where
computing enthusiasts often post messages about their warchalking
plans. One user bragged about his warchalking excursion in Santa
Monica, California, where he marked the "corrugated metal wall of
an art gallery".
Shore acknowledged the threat such markings and Web sites pose to
ongoing criminal and counterintelligence investigations, especially
antiterrorism investigations. The ability of criminals and
terrorists to spot these markings while simply walking down the
street and then using vulnerable corporate wireless networks for
anonymous Internet access "poses a real problem" for law
enforcement, he said.
But William Harrod, director of the Investigative Response Division
at TruSecure and a 14-year veteran of the FBI, downplayed the
security significance of warchalking, saying that terrorists or
serious criminals are unlikely to rely on it for identifying access
points.
Harrod, who served at the FBI as a supervisory forensic computer
specialist and a rapid start team leader, also downplayed the
utility of having online interactive maps for terrorist activities.
"It's not terribly hard to find access and gain that access," he
said.