AOH :: ISNQ4052.HTM

Wireless hacker attacks on the rise




Wireless hacker attacks on the rise
Wireless hacker attacks on the rise



http://www.asahi.com/english/Herald-asahi/TKY200705180101.html 

By Yoshitaka Sumida 
THE ASAHI SHIMBUN
05/18/2007

Prepaid wireless network cards provide convenient Internet access 
anywhere, but in the wrong hands they can be misused to commit fraud.

And this amounts to an open invitation to "wireless hackers," whose 
numbers are proliferating.

Prepaid wireless network cards are the tool of choice because they leave 
no tell-tale fingerprints, which allows perpetrators to slip away 
undetected into cyberspace.

If card distributors were to confirm the identity of the purchaser, this 
could be avoided. But if the retailer skips the process then no record 
of the customer is retained. Police investigating a hacker attack may be 
able to track down the prepaid wireless card but they will be unable to 
find the hacker who used it.

To prevent their use in the commission of a crime, the National Police 
Agency will require distributors to push for more comprehensive customer 
background checks.

Wireless network cards work when they are inserted into ports on 
personal computers to wirelessly enable them at any location where PHS 
or cellphones can be used.

The cards are sold with a variety of Internet access plans to meet a 
user's needs. A prepaid card includes Internet access and communication 
fees for a certain time period. They are hassle-free as no further 
billing is required. That is why some distributors allow retailers to 
forgo ID checks.

According to the National Police Agency, crime involving the cards began 
cropping up three years ago. In 2005, police nationwide made arrests or 
sent papers to prosecutors in 271 illegal Internet access cases. Of the 
total, 28 cases involved prepaid cards.

Police investigations into illegal Internet access involve tracking down 
the source by checking the access record of the server that came under 
attack. If the network was accessed via cable, the user can be 
identified via the Internet service account.

However, in cases where a prepaid card was used, and the retailer failed 
to record customer ID, it is only possible to get to the card used in a 
wireless attack, but not to the "hacker" as there is no Internet service 
contract record.

According the National Police Agency, police were aware of 592 illegal 
access cases in 2005, through complaints made or suits filed. However, 
as of May 2006, investigations had gone cold in 31 of the cases that 
involved prepaid cards.

But through diligent cyber sleuthing, some cases have been cracked.

In September 2005, police in Ibaraki Prefecture broke a fraud and 
illegal access case after 16 months of detective work and arrested a man 
and a woman who had no fixed address.

The pair, who were constantly on the move in their vehicle, sold 
nonexistent merchandise on Internet auction sites using a wireless 
network card. Some 340 gullible buyers were allegedly duped into paying 
a total 80 million yen to the couple.

Police were able to trace their network card via Internet access 
records. However, the retailer had not confirmed the purchaser's ID. So 
the police traced PHS signals to locations of origin, and tracked down a 
suspicious vehicle that was traveling in and out of the area. The car 
was tailed from Itabashi and Ikebukuro in Tokyo to Saitama, before 
police arrested the couple on suspicion of fraud.

In July 2006, the Ishikawa prefectural police tracked down a group that 
was trafficking pornographic DVDs. In this case, the retailer had not 
ID'd the purchaser of the prepaid card used in the crime.

To complicate things further, the card had been given to another user. 
But the Ishikawa police got a lucky break. The original purchaser used a 
point reward card issued by the retailer--made out in the real 
name--when buying the card.

This allowed the police to identify the suspects.


_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com 

Site design & layout copyright © 1986-2014 CodeGods