(also war dialing, war-dialing, hammer dialing, demon dialing)
The practice of using technology to automatically scan a range of phone numbers in order to reveal connected devices such as computers, modems, and office appliances. A wardialing call looks for the handshake tones of electronic equipment and weeds out numbers that connect to human operators or answering machines.
Wardialing results can be used by hackers or cybersecurity specialists to determine security vulnerabilities and potential entry points into a system. The term itself comes from the 1983 movie WarGames. Previously, the technique was called “hammer dialing” and “demon dialing.” Even today, wardialing software is sometimes referred to as “demon dialers.”
Real wardialing examples
1990s: Peter Shipley carried out a study to find modems that posed a security risk to their owners using wardialing techniques.
Stopping wardialing attacks
- Scan your devices with the help of wardialing software and cybersecurity experts. Identifying potential vulnerabilities helps you secure the exposed devices against future attack.
- Set passwords to protect connected devices and deny hackers an easy way in. Not all devices are password protected by default.
- Disable unused devices to minimize your attack surface. This includes devices that only need to be active during certain hours.
- Educate staff on how to respond to potential wardialing attacks, such as constant calls during off-hours or calls to office devices that answer with a dial-up connection sound. Employees should immediately warn IT specialists to give the organization time to reinforce its systems.