Want CNET to notify you of price drops and the latest stories?

Catching wireless hackers in the act

Wireless networks may be an easy target, but now a sticky trap has been set to monitor attacks and unauthorized access.

Robert Lemos Staff Writer, CNET News.com
Robert Lemos
covers viruses, worms and other security threats.
Robert Lemos
2 min read
It's been a cinch for vandals with an eye on Internet mischief to launch attacks by co-opting an unsecured wireless network, but such break-ins may not go so unnoticed now.

A heavily monitored wireless network was quietly set up this summer to lure hackers and keep track of attacks. Science Applications International Corp. (SAIC) created the network to study the methods of wireless vandals. It is the first wireless version of a so-called honeynet, networks of servers designed to lure in hackers and then monitor their actions.

"It is important to see how the bad guys are breaking into systems using not just wired networks, but wireless networks as well," said Lance Spitzner, founder of the Honeynet Project, the group that first created honeynets.

Wireless networks have gained phenomenal popularity for their ability to let people connect to the Internet from anywhere close to an access point. However, the technology's security has been widely criticized, with the U.S. cybersecurity czar calling it one of the five reasons the nation's infrastructure is insecure.

While the SAIC, a research and engineering company, has tried to keep its 10-week old project hush-hush, details have leaked out.

The so-called Wireless Internet Security Experiment, or WISE, aims to "develop effective information security, intrusion detection, and incident response, and forensic methodologies for wireless networks," according to the project's Web page.

The first test network was set up in mid-June in a major metropolitan area, and logs all traffic for later analysis, said a source familiar with the experiment. Anyone can connect to the wireless network, but only users who break the law would be able to get out to the Internet.

"(WISE) has a password protected gateway that blocks network access," said Spitzner. "If they are good guys then they say, 'Ah oh,' and get off, while the malicious users will exploit a hole in the gateway."

However, SAIC has no plans to press charges against anyone using the network to get to the Internet; the project is for research only.

Neither Spitzner nor SAIC would reveal in which city the wireless honeynet had been placed.

SAIC spokesman Ron Zollars would only talk about the project in general terms.

"It's purely an independent R&D project, and all funding is currently only SAIC dollars," he said.

He also claimed the project wasn't yet up and running, despite statements to the contrary by Spitzner and other sources.

"SAIC is a government contractor; they do a lot of military work, so they generally get nervous when one of their projects gets a lot of press," said a source familiar with the experiment, who asked to remain anonymous.

A report on the findings is expected to be released to the public late this year.