The 1983 tech-thriller War Games is remarkable in motion picture history.

In the lead role, actor Matthew Broderick was nearing the peak of his ability, years before he became Ferris Bueller or Mr. Sarah Jessica Parker. And his on-screen collision with fellow Hollywood titan Dabney Coleman defines the era as, say, the combination of Laurence Olivier and John Gielgud in Richard III redefined film making in the 1950s.

More than this, however, War Games introduced computer hacking to the masses.

Broderick nearly unleashes the Third World War when he accidentally hacks into Norad’s mainframe by using as a password the name of the dead son of a dead computer programmer who, fortunately for civilization, was not really dead but flying toy dinosaurs in Oregon.

As Gen. Beringer, impeccably played by Barry Corbin, prepares to vapourize Russkies in retaliation for a mock, computer-generated nuclear strike against the United States, computer chief Dr. John McKittrick (Coleman) shouts incredulously: “There’s no way a high-school punk can put a dime in a telephone and break into our system.”

That was the paleolithic age of computer technology. Now, a pay phone — if you can find one — requires 25 cents for a local call and hacking is free.

And with the proliferation of wireless technology and Wired Local Area Network (WLAN) computer systems in the last year, hacking has never been easier.

“What Matthew Broderick did was more difficult to do than what it is today,” security consultant Ian Watson says. “That movie spawned the term war dialing. War driving is what hackers do today. They get a laptop and antenna, slap it on their car and drive around the city looking for wireless access points.

“You can buy kits off the internet for war driving for $150. You can make your own antenna out of a Pringles can for about $10 in parts. Coffee cans work better. They can give you a good couple of kilometres. In our building, I’ve picked up a wireless signal from Grouse Mountain.”

Watson’s building, DTM Systems Corp., is at Boundary Road and the Lougheed Highway in Vancouver, about 10 kilometres from Grouse Mountain.

If Watson were a bad guy — a “black-hat” or “cracker” in hackerspeak — he could have infiltrated that wireless network, used the computers of others in that system as hosts and attempted to launch cyber attacks against companies, government agencies or individuals.

Offences can range from merely using someone’s Internet service for free, to junk-mailing or “spamming,” to more serious acts, such as cybervandalism to criminal theft or fraud.

Since clever crackers leave a trail back to their hosts, unwitting accomplices, or no trail at all, there is almost no way for authorities to catch them.

Of course, WLANs could have any one of a variety of electronic security shields, but Watson says many smaller networks and home users are defenceless.

And wireless access points in public spaces such as cafes, hotel lobbies and libraries can be especially vulnerable, he says.

“[On] the statistics that I’ve seen, up to 60 per cent of access points right now aren’t using encryption at all,” Watson says. “And 28 per cent of [wireless routers] are straight out of the box from the manufacturer, no changes made.

Hackers Thrive in Wireless World

CREDIT: Bill Keay, Vancouver Sun Computer security consultant Ian Watson says there can be consequences to cutting the cord and letting wireless technology take over.

“Right now, security is simply an option [on wireless devices]. And if I’m doing my online banking at home, yeah, I think that security is pretty important to me. I think it’s important that my doctor’s office has some security, and my dentist and my lawyer. There are a lot of doctors’ offices that have wireless for the functionality, but have no security. The home user and small-business user are definitely at risk.”

Watson says larger companies, which have technology professionals on staff and big budgets for security, can also be compromised if a manager or employee decides to work from home using unsecured wireless.

A war-driving hacker can locate the wireless signal — all networks operate at essentially the same frequencies, 2.4 GHz or 5.7 GHz — and use the unguarded access point as a portal into the person’s work network.

Many businesses and agencies, including The City of Vancouver, have put off implementing WLANs, due partly to security concerns, but Watson says there remains widespread ignorance about the risk of unsecured access points.

Coquitlam criminologist Bessie Pang, executive director of the Society for Policing Cyberspace, is trying to do something about it.

The global society’s website, www.polcyb.org, has been set up as a security resource.

“Cybercrime is absolutely increasing,” Pang says. “But with help, people can be made more aware of it.”

Pang says public awareness about child pornography and identity theft are helping combat those cybercrimes, but she adds: “Just as much as those, there are other problems. It’s becoming very, very serious.

“There are two sides to the coin in the improvement of technology and wireless technology. It’s easier to use, but easier to get into. You pay for the convenience of technology.

“Companies sometimes want to save money [on security]. You might save money in the long run, but you just need one person to hack in and the whole company is down.”

Preventing cybercrime is far easier than prosecuting it.

Police rely almost entirely on electronic forensics to catch hackers, but often the trail ends abruptly. There are rare cases of war drivers being caught on location, but Const. Ken Kuan, part of the RCMP’s 12-member Integrated Technology Crime Unit in Vancouver, says these arrests usually involve intelligence, such as a witness.

“Certainly, the prevention part should be the focus,” Kuan says. “For us, because of the [security] issue, the RCMP ourselves are reluctant to use wireless technology. I put up a wireless network at home and I could detect one or two access points in the homes of my neighbors. It certainly opens the door to hackers.”

Pang says: “It’s hard for investigators to catch up to cybercrime because of the enormous amount of financial resources you have to put into technology.”

Kuan says everyone should enable the security features on the wireless routers they buy.

Watson notes, however, that people want these devices for their convenience, so manufacturers build them to work easily, straight out of the box. Enabling built-in security is a chore.

“Go to Future Shop, look at a box: ‘Quick and Easy, Easy to Use, Installs in 10 Minutes.’,” Watson recites. “You plug it in, it works. That’s how these wireless devices are being marketed to the consumer. The consumer then brings that attitude into the corporation, not realizing their risks for their home networks is completely different than risk for the corporation.

“The corporation may have spent thousands of dollars hardening their outer security so they have a perimeter defending against all the threats, but they most likely have a soft, chewy centre. It’s kind of like the bubble gum — hard outside, soft, chewy centre. And someone’s just plugged in this $100 piece of gear that has defeated a $100,000 security system that a corporation has put in place.”

Watson says, however, that the latest wireless technology — defined within the industry as 802.11i — has far more advanced encryption capabilities than earlier versions.

So, if properly secured, WLAN is getting safer.

“We want to do it [install WLAN], but technical and security issues have so far kept us from being able to do it,” City of Vancouver technology manager Martin Crocker says. “I believe it can be made secure. A lot of airports and police forces are using it, but it’s not something you do with a wireless router you pick up at Radio Shack.”

The Surrey school district recently installed wireless networks at two of its high schools.

“Demand is there,” district manager of information services Colin McLellan says. “It’s convenient and efficient, but you really need to do your research and set it up securely. Yes, security is a concern, but there’s technology to mitigate it.”

Watson estimates that 30 to 40 per cent of Vancouver companies are running wireless, but there are only a handful of local firms specializing in WLAN security.

Safeguards for wireless users range from basic data encryption and electronic firewalls to WPAs (Wi-Fi Protected Areas that include user authentication), DMZs (buffer networks that protect an inner one) and Virtual Private Networks.

Pang cautions, however, that there is always something new to make users wary.

“Just when you think you’re safe, someone else on the other side of the world thinks up something new,” she says.

In November, the first felony conviction for spamming — mass and often fraudulent junk e-mailings — was achieved in the United States.

Jeremy Jaynes and Jessica DeGroot, a brother and sister from Raleigh, N.C., were found guilty of soliciting sales for a non-existent “FedEx refund processor” they promised could earn people $75 an hour. In one month, Jaynes received 10,000 credit card orders at $40 each.

The conviction followed by one month news that a cracker in California had hacked into a university computer in Berkeley and accessed the Social Security numbers, addresses and phone numbers of 1.4 million Americans.

Watson believes most cybercrime goes unreported.

Companies are loath to publicize a breach in security for fear it will erode public confidence or their stock price, he says. And individuals are often unaware that their computer security has been compromised and they are being used by hackers.

Big Brother isn’t watching, but DarkRaider could be, or ezPrey or Blackspyder — hacker handles.

“It can go on for months, years, forever,” Watson says.

“There are people out there right now who don’t know their machines are compromised and being used by other people for nefarious means. “There’s something to be said for that wired world. It was slower, but it was more secure.”

Imagine what Matthew Broderick could do today.

“It would be an interesting movie,” Watson says.

WAR DRIVING

WHAT: War driving has nothing to do with George W. Bush.

It’s the evolution of hacking, a means of exploiting security breaches in modern Wireless Local Area Networks (WLAN).

HOW IT WORKS: A mobile hacker equipped with a laptop computer, wireless ethernet card set to “promiscuous” mode and an antenna locates unguarded access points that allow him or her into wireless networks.

It is also called war mapping, because hackers, who share intelligence, can map out large areas of access points for continuing abuse.

WHY IT WORKS: According to cyber-security consultant Ian Watson, 60 per cent of wireless systems are deployed without encryption. WLAN signals, radio waves, are unconfined by walls, allowing war drivers to detect them outside corporations and private homes.

HOW WAR DRIVERS ARE CAUGHT: They’re not.

“It’s difficult to find them,” Watson says.

“There’s anonymity. They’re not physically in your office, plugged into your network doing harm. They’re in their car in the parking lot, they’re down the road, they’re in Starbucks connected to your open access point.

“If they launch an attack from your open access point, it’s going to be traced back to you and your network. They’ll be long gone.”

Hackers hide behind our privacy laws

Iain MacIntyre

Vancouver Sun

December 4, 2004

The biggest problem in prosecuting hackers is that there are so few cases to prosecute.

The Charter of Rights and Freedoms and The Privacy Act, laws that protect Canadian citizens, also shield hackers and make investigating cybercrimes extremely difficult.

“It’s not a prosecution issue; it’s an investigation issue,” Crown counsel Henry Waldock says. “I haven’t yet had a case involving forensic computer evidence.

“The Internet was designed by academics. It was a time before black-hat hackers were part of this world. It wasn’t designed for forensic accounting or forensic analysis. The forensic trail left by computers is relatively slim.”

Since cybercrime usually leaves no physical evidence in the traditional sense, investigators have little more than computer forensics to pursue.

Often, there is nothing to chase.

Every computer hardware card has a serial number or MAC (Media Access Control) address to identify it. Addresses, however, can be changed by adept hackers, who make themselves transient.

Time-stamping on data also can be doctored.

“The trouble with electronic data is its fragility,” Waldock says. “A fingerprint on a car door, it would be ludicrous for someone to suggest someone fabricated it.

“But any kind of incriminating data can be planted by someone else by placing it in the hard drive. And there’s no way to date it. All date stamps can be changed.”

Waldock, an experienced Crown prosecutor in Chilliwack who has a degree in computer science and lectures on cybercrime, says the easiest way to catch hackers would be to intercept and trace their transmissions.

This, however, is illegal.

Section 184 of the Criminal Code makes it an offence to intercept private communications.

Investigators require judicial authorization to wiretap a phone or monitor the communications of a cybercrime suspect. They must convince a judge there are “reasonable and probable grounds” to order a wiretap against an individual.

Sometimes police do not have a single, identifiable hacker suspect. When they do, it remains difficult to establish the legal grounds necessary for wiretap authorization.

A honeypot is a cyberspace sting operation that Waldock says could be an effective tool for police. Authorities establish a vulnerable computer to lure hackers, much like police use bait cars to entice auto thieves.

But again, without reasonable and probable grounds for a wiretap against a specific person, the police cannot intercept transmissions. Also, officers could be assisting a hacker as he commits cybercrime.

“You’re stopped before you get started,” Waldock says. “You have a chicken and egg problem.”

By definition, laws follow crime.

In the case of hacking and cybercrime, the lag seems more pronounced.

Early in the electronic age, the Supreme Court ruled that stealing a copy of information was not a crime because data did not constitute property. Information taken was merely borrowed as long as it still existed at its origin.

Existing law progresses through changing interpretations and new laws have given authorities more latitude to combat cybercrimes involving child pornography and identity theft.

“The technology is moving along at a frightening pace,” Waldock says. “There are telephones you get in Japan that have infrared cameras, so you can take pictures of someone and see through their clothes.

“I have a degree in computer science and am very much into technology, and I have no idea what’s coming next.

“A decade is a long time in the information age. In law, it’s relatively brief. From 1993 to 2003, the Web went from 2,700 sites to 45 million. In about the same time frame, the Long Term Offender designation went from an idea to legislation interpreted by the Supreme Court of Canada.”

While the law tries to catch up, the private sector charges ahead.

There are global efforts to regulate the Internet and technology giants such as Microsoft and Intel are developing so-called “trusted computing,” which would make users easier to track.

Even as a prosecutor, however, Waldock has concerns about civil liberties being compromised by this possible future wave of technology.

“Hackers enjoy their privacy, but so do the rest of us,” he says. “That’s the balance here. How much of an Orwellian state do you want to live in?”

© The Vancouver Sun 2004