IBM X-Force Red, which is a team of veteran hackers at IBM Security with the primary aim of uncovering potential vulnerabilities in networks to help safeguard against them, announced today that it had discovered a potential weak point in network security that hackers can exploit to infiltrate the network and subsequently gain access to the devices and the data on it.
The new technique is being called 'Warshipping' by X-Force Red, and it exploits e-commerce related package deliveries by couriers to deploy a palm-sized computer, a 'warship', within the proximity of the organization's WiFi network. What is different about Warshipping compared to the traditional methods of hacking like Wardialing and Wardriving is the fact that the warship is a 3G enabled device that can be controlled remotely regardless of the cybercriminal's location, both during transit and on-site. This rids hackers of one of the fundamental concerns with Wardriving, which required the hacker to circumambulate the target site keeping the hacking device in range and simultaneously minimizing their notoriety.
Once at the target site, the device stays on the lookout for potential data packets that can be used to probe into the network. Charles Henderson, the Global Managing Partner of IBM X-Force Red, documented the team's process of conducting a passive wireless attack:
As an example, we listened for a handshake, a packet signaling that a device established a network connection. One of the warship devices transmitted the captured hash to our servers, which we then utilized on the backend to crack the preshared key, essentially the user’s wireless password, and gain Wi-Fi access.
Once the warship gains access to the organization's WiFi, and subsequently, to all the devices connected to it, the warship sets up a rogue WiFi network of its own that it forces the target device to connect to. From there, it divulges the target device's critical information like username and password that can be used to launch attacks in the future against the enterprise network. Charles summed up the team's findings by stating:
In this warshipping project, we were, unfortunately, able to establish a persistent network connection and gain full access to the target’s systems.
The device that needs to be deployed to the site is essentially made up of a single-board computer (SBC) that runs on a traditional cell-phone's rechargeable battery. Furthermore, with the off-shelf components, it costs just around $100 to make and looks more like a DIY project for a science exhibition at a school rather than a device that can be used to hack into networks.
Since the ultimate goal of X-Force Red is to help improve network security by exposing these vulnerabilities, Charles has outlined a few techniques that can be used to fend off potential hackers and their warships. You can read more about the safety precautions and Warshipping here.