DeMISTIfying Infosec: War Dialing

February 16, 2016
By Katherine Teitler

War Dialing

War dialing, also known as "demon dialing," was a hacking technique that emerged in the late 1980s as a method for attackers to identify unauthorized or non-secure modems within an enterprise that provided access to the company's voice or data network or its Intranet. Originally a manual process (think: prank calling when you were a kid), war dialing changed as technologies rapidly evolved and new software allowed attackers to automatically scan a large block of random telephone numbers for unprotected user names or passwords. Some of the programs used in war dialing would also automatically log and enter successful connections into a database when they were found so attackers could return at a later time to leverage unauthorized access.

The goal of war dialing was to weaken the security of enterprise voice and data networks or find a backdoor into the company's Intranet, which might be chock full of proprietary or sensitive information.

Used throughout the '90s (and purportedly named after the movie "WarGames" starring Matthew Broderick), war dialing died off after the Telecommunications Consumer Protection Act of 2003 was passed. Around that time, the use of modems in enterprises also started to wane (though many security professionals might be surprised to find a rogue connection or two still in use), and the attack morphed into scanning for VoIP systems that might be connected to the Internet through the same physical Ethernet cables and switches as networked computers or servers.

While war dialing has long been thought of as a legacy type of attack, security teams should consider including it as part of regular vulnerability scanning and penetration tests. The "new" war dialing is "war driving," the act of locating and exploiting vulnerable wireless access points.

 
