Once Again, Basic Detective Work Tracks Down Criminal Activity Done On Open WiFi
from the not-so-difficult dept
One of the things we hear over and over again about the evils of “open WiFi” is that it allows criminals do horrible things on a network with no way to track them down. We’ve always pointed out how ridiculous this is. Just because someone does something on a network, it doesn’t mean they don’t necessarily leave other clues that can be uncovered through basic detective work. And, time and time and time and time and time again, we see stories of basic detective work being used to catch criminals on open WiFi networks.
Here’s yet another example. In a case involving a disgruntled former IT worker logging into his former employer’s computer systems and pretty much deleting everything important (including “the company?s e-mail and BlackBerry servers, as well as its order-tracking system and financial-management software”). These sorts of things happen every so often, and the responsible party almost always gets caught.
In this case, Jason Cornish used an open WiFi network at a McDonalds to do his dirty work. But there was enough evidence to link the crime to Cornish (beyond basic motives). For example, investigators discovered that he had made a purchase of some food at that McDonalds about five minutes before the deletion began. Honestly, it looks like he wasn’t particularly careful in a variety of things that he did — but that’s kind of the point. The fear about how open WiFi will be regularly abused and there will be “no way” to track down those responsible is a huge exaggeration. Perhaps there are some users who are careful enough not to leave a trail, but those sorts of people will figure out a way to do what they want with or without open WiFi. The fear of untraceable hackers on open WiFi is way overblown.
Filed Under: crime, detective work, open wifi, wifi
Comments on “Once Again, Basic Detective Work Tracks Down Criminal Activity Done On Open WiFi”
I think the fear is more of people copyright infringing on open wifi, especially with the 6 strikes law.
First comment w00t!
Re: Re:
Your boxful of canceraids is on its way, courtesy of the regulars at the Onion AV Club. (It’s all part of that Web 2.x open-communication strategy. Or whatever.)
At least we can always count on the stupid criminals to draw you a map to their house with their credit cards while they hack…
Re: Re:
The same thing happened to a family member who got her wifi hacked. The hacker managed to steal paypal info, and then left their address behind where she could see it. By and large, criminals, even criminal hackers, are a dumb bunch.
Re: Re: Correction
There are a lot of dumb criminals, but like with most things, there are always a few that do know what they are doing.
Our own detective work in helping nab an online thief
Our customer service department discovered a couple of fraudulent transactions with stolen credit cards.
For the first instance, I traced the IP address of the transaction to a wifi spot belonging to a hotel. When we found a second transaction originating from the same IP address, we notified that card’s owner.
The second victim asked how the card was compromised. Our customer service rep mentioned the hotel wifi hotspot and the victim said they stayed at that hotel. When we recontacted the owner of the first card we asked them about the hotel. That person said they stayed at the same hotel on the same night.
Once the local authorities got involved, it was revealed that only one person worked the front desk at that time these two victims checked in, as well as the time the two fraudulent orders were placed. Last we heard the alleged fraudster/front desk person was fired, and I’m pretty sure charged with at least two counts of identity theft.
“Basic Detective Work“
[emphasis added]
But … but … but … convenience!!!!
Feeble thesis. %99 percent is coming up with a suspect.
They weren’t sifting through ALL open wi-fi, they took his credit card purchase record and made a likely conjecture. It’s easy once you have a name, and of course, this is a classic “disgruntled former employee”, be absolutely the first place ANY cop would look, just as they went immediately to OJ’s house. Completely by the book.
So as usual, you begin with a strawman you wish to demolish, put some irrelevant text through your sausage machine, and smugly write QED.
Re: Feeble thesis. %99 percent is coming up with a suspect.
Who said they sifted through all open wi-fi? You’re the only one to even suggest such a thing.
Once again, you start with a premise that never existed, and try to argue against it. Do you enjoy arguing with yourself so much?
Re: Re: Feeble thesis. %99 percent is coming up with a suspect.
STOP FEEDING THE TROLL
Re: Re: Re: Feeble thesis. %99 percent is coming up with a suspect.
True. On the other hand, beating trolls has a great deal of merit.
Re: Feeble thesis. %99 percent is coming up with a suspect.
Newsflash: You’re agreeing with the post. Might want to rescramble your gibberish a few more times.
It is kind of a straw man. Mike should link to or include a quote from an article mentioning these types of crimes being a major concern as he implicitly suggests.
Most of the news about the problems with open-wifi have been concerns over copyright infringement. For example this article about potential banning of open hotspots mentions that as the primary concern.
http://www.zdnet.co.uk/news/networking/2010/02/26/open-wi-fi-outlawed-by-digital-economy-bill-40057470/
Sending personal information over a network is obviously much easier to trace. A semi-knowledgeable person using it to exchange media files has virtually no chance of getting caught.
“The fear of untraceable hackers on open WiFi is way overblown.”
There is just so much wrong with this single statement, that it is beyond understanding.
Open WiFi is, without a doubt, one of the biggest security holes on the net. Combine it relays, VPN, or other “cloaking” and the end user is all but invisible.
To dismiss it off handed because of a single case (that really has little to do with WiFI beyond “means”, as he was tracked down not for technical reasons, but because he was an disgruntled employee stupid enough to make his presence known at the WiFi location) is an incredible reach, a huge logical jump.
It makes you wonder what other amazing logical jumps have been made in the name of getting this to line up with the Techdirt universe.
Re: Re:
Woohoo! Go Dr. Horrible! go!
Re: Re:
“Open WiFi is, without a doubt, one of the biggest security holes on the net”
No, it is not. Badly written applications are. Remember: Sony was “hacked” because of a simple SQL injection attack, one of the most preventable of attacks.
Talk about logical jumps…
Re: Re: Re:
Oh, and I almost forgot another big security hole: clueless network admins that forget to revoke passwords from disgruntled employees and to audit the network after said employee was fired.
Re: Re:
I’m fairly sure that anyone knowledgeable enough to “combine it relays, VPN, or other ‘cloaking'” would also be able to do a quick google-search on how to hack a “secure” WiFi.
In the near future:
“Public” wifi networks will be “secured” with WEP, so the owners can say they are secure, and all computers will have WEP cracking integrated in their wifi drivers.
I can think of three ways he could have spoofed the investigation without even trying. No the the guy was let go.
Great. You found 5 articles saying they caught “criminals”. Now how about you post the 1000’s where they haven’t caught anyone?
Re: Re:
The sky is falling
Watch American Greed the other night and it was about hackers. The guy set up shop in areas with multiple open wifi and used a booster to get some better range and then alternated which ones he used for the attack.
I saw another show where the hacker rented a office space far away (more than 10 block, but still in line of sight) from then open wifi and then constructed an 10 foot antenna and directed right at the open wifi location.
My point is stupid criminals get caught. It is the smart criminal that I worry about…
Re:
Criminal are not so intelligent than detectives or, at least, they dont have the time to think so much.