Researchers at Indiana University are raising alarms about the potential
vulnerability of Wi-Fi networks to malware attacks. In their report, the researchers said they were able to simulate the vulnerability of Wi-Fi networks in several U.S. cities to the spread of malware, the malicious software worm or virus that the study said could spread rapidly from one wireless router to another.
The researchers state most of the simulated attacks show tens of thousands of
routers infected in as little time as two weeks, with the majority of the
infections occurring in the first 24 to 48 hours.
However, several conditions would have to be met for an attack of such
magnitude, chief among them, unprotected routers. Further, the report
discusses how such an attack might be quickly contained or the spread of
infection reduced.
One way is to force users to change default passwords, which many fail to do. Second is the adoption of Wi-Fi Protected Access (WPA), the cryptographic protocol meant to replace Wired Equivalent Privacy (WEP) that is more easily broken. WEP’s shortcomings
have been widely documented and a major security weakness identified
by the university researchers.
Richard Rushing, Chief Security Officer for wireless security vendor AirDefense, said the report is another good reminder that users need to be pro-active because the default settings on many wireless systems are sub-par if not out-of-date. “If you go to any support site for your router, I guarantee you it’ll have an update that’s newer than what you have installed,” Rushing told InternetNews.com.
But Rushing thinks the disaster scenario laid out by the Indiana researchers is less of a threat than more traditional virus attacks on computer users in general and wireless networks in particular. He notes there would have to be a significant number of active users with unprotected routers for a virus to spread quickly and software like AirDefense’s own monitoring tools would notice such anomalous behavior right away and issue an alert.
In a more traditional malware attack, an individual unknowingly downloads a
Trojan or rogue program that steal passwords, credit
card info, etc. Unprotected wireless systems are at risk to these kinds of
attacks. Rushing said this is the low hanging fruit for the bad guys since so many
users don’t bother to install the right protection.
He noted many vendors are doing a better job of providing better security out of the box than in years past when encryption and other protections had to be proactively
enabled, but it’s still user’s responsibility to make sure the latest
security is in place.
But networks are very different than PCs in that they are more often left continuously online and thus are a more tempting target for would be attackers. The researchers also assert a large number of users do not change their password from the default established by the router makers. Since these default passwords are easily obtainable, it gives the bad guys easier entry. Again, this is another case where pro-active steps like installing a
unique password, would better protect a wireless system.