Wi-Fi Networks Face Virus Threat?

By David Needle

January 04, 2008

Unprotected routers could spread malicious software rapidly to thousands of computers.

Researchers at Indiana University are raising alarms about the potential vulnerability of Wi-Fi networks to malware attacks. In their report, the researchers said they were able to simulate the vulnerability of Wi-Fi networks in several U.S. cities to the spread of malware,  the malicious software worm or virus that the study said could spread rapidly from one wireless router to another.

The researchers state most of the simulated attacks show tens of thousands of routers infected in as little time as two weeks, with the majority of the infections occurring in the first 24 to 48 hours.

However, several conditions would have to be met for an attack of such magnitude, chief among them, unprotected routers. Further, the report discusses how such an attack might be quickly contained or the spread of infection reduced.

One way is to force users to change default passwords, which many fail to do. Second is the adoption of Wi-Fi Protected Access (WPA) , the cryptographic protocol meant to replace Wired Equivalent Privacy (WEP)  that is more easily broken. WEP's shortcomings have been widely documented and a major security weakness identified by the university researchers. Richard Rushing, Chief Security Officer for wireless security vendor AirDefense, said the report is another good reminder that users need to be pro-active because the default settings on many wireless systems are sub-par if not out-of-date. "If you go to any support site for your router, I guarantee you it'll have an update that's newer than what you have installed," Rushing told InternetNews.com.

But Rushing thinks the disaster scenario laid out by the Indiana researchers is less of a threat than more traditional virus attacks on computer users in general and wireless networks in particular. He notes there would have to be a significant number of active users with unprotected routers for a virus to spread quickly and software like AirDefense's own monitoring tools would notice such anomalous behavior right away and issue an alert.

In a more traditional malware attack, an individual unknowingly downloads a Trojan  or rogue program that steal passwords, credit card info, etc. Unprotected wireless systems are at risk to these kinds of attacks. Rushing said this is the low hanging fruit for the bad guys since so many users don't bother to install the right protection.

He noted many vendors are doing a better job of providing better security out of the box than in years past when encryption and other protections had to be proactively enabled, but it's still user's responsibility to make sure the latest security is in place.

But networks are very different than PCs in that they are more often left continuously online and thus are a more tempting target for would be attackers. The researchers also assert a large number of users do not change their password from the default established by the router makers. Since these default passwords are easily obtainable, it gives the bad guys easier entry. Again, this is another case where pro-active steps like installing a unique password, would better protect a wireless system.



Comment and Contribute
(Maximum characters: 1200). You have
characters left.