Researchers at Indiana University are raising alarms about the potential vulnerability of Wi-Fi networks to malware attacks. In their report, the researchers said they were able to simulate the vulnerability of Wi-Fi networks in several U.S. cities to the spread of malware, (define) the malicious software worm or virus that the study said could spread rapidly from one wireless router to another.
The researchers state most of the simulated attacks show tens of thousands of routers infected in as little time as two weeks, with the majority of the infections occurring in the first 24 to 48 hours.
However, several conditions would have to be met for an attack of such magnitude, chief among them, unprotected routers. Further, the report discusses how such an attack might be quickly contained or the spread of infection reduced.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=iOne way is to force users to change default passwords, which many fail to do. Second is the adoption of Wi-Fi Protected Access (WPA) (define), the cryptographic protocol meant to replace Wired Equivalent Privacy (WEP) (define) that is more easily broken. WEP's shortcomings have been widely documented and a major security weakness identified by the university researchers.
Richard Rushing, Chief Security Officer for wireless security vendor AirDefense, said the report is another good reminder that users need to be pro-active because the default settings on many wireless systems are sub-par if not out-of-date. "If you go to any support site for your router, I guarantee you it'll have an update that's newer than what you have installed," Rushing told InternetNews.com.
But Rushing thinks the disaster scenario laid out by the Indiana researchers is less of a threat than more traditional virus attacks on computer users in general and wireless networks in particular. He notes there would have to be a significant number of active users with unprotected routers for a virus to spread quickly and software like AirDefense's own monitoring tools would notice such anomalous behavior right away and issue an alert.