Welcome to WebmasterWorld Guest from 54.225.18.67

Forum Moderators: incrediBILL & lawman

Message Too Old, No Replies

WiFi Virus Said To Spread Like The "Common Cold"

     
3:27 pm on Feb 26, 2014 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:24365
votes: 556


This is an interesting development, and should be a concern to homes and smaller premises WiFi that probably have spent less time and energy on security, if at all.

A computer virus that can spread via wi-fi like a "common cold" has been created by researchers in Liverpool.

In densely populated areas with lots of wi-fi networks, the virus can go from network to network finding weaknesses.

Once in control of a wi-fi access point, it leaves computers on the network extremely vulnerable.

The team's lead researcher told the BBC it was working on software to prevent such attacks being possible.

"Rather than rely on people to use strong passwords, you want to integrate intrusion detection systems to the access points," said Alan Marshall, professor of communication networks at the University of Liverpool.

He would not go into detail about the methods in order to prevent the attack being used on real victims but said a proof-of-concept attack had been developed at the university.WiFi Virus Said To Spread Like The "Common Cold" [bbc.co.uk]
10:04 pm on Feb 26, 2014 (gmt 0)

Senior Member

WebmasterWorld Senior Member beedeedubbleu is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 3, 2004
posts: 6117
votes: 18


Oh well! That will be some more inspiration for the crooks.
5:17 am on Feb 27, 2014 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2649
votes: 85


It infects access points that have not had their admin password changed. Some people act as though they want to to be attacked.
8:16 am on Feb 27, 2014 (gmt 0)

Senior Member

WebmasterWorld Senior Member beedeedubbleu is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 3, 2004
posts: 6117
votes: 18


Unfortunately many people are not aware of the risks Graeme. Most of those who have lived their lives in a climate of law and order are unaware of the anarchy that is the Internet. ;)
8:54 am on Feb 27, 2014 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:24365
votes: 556


From this elevated position I can see around 10% of the WiFi appearing to be in the worst state of open. The router, or access point, is using a default name, so it's easy to spot, but, it's not easy to know who's house that is without using a little more effort. If I knew who it was i'd let them know.

Obviously, the default passwords wouldn't help.

Clearly, a determined thief would jump at the opportunity of connecting to seek an opportunity.

This demonstration by the University shows it's possible. What we don't know is whether a determined thief hasn't already utilised this through their own research.
12:52 pm on Feb 27, 2014 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member piatkow is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 5, 2006
posts:3396
votes: 40


Most home users will not even be aware that there is an admin password to reset unless they have had to talk through a problem with their supplier's help desk.
6:33 am on Feb 28, 2014 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2649
votes: 85


@BeeDeeDubbleU, but people are not THAT accustomed to law and order. Most people take lots of precautions in most of their lives - they lock doors, they keep credit cards safe, they do not walk down dark alleys in dodgy areas.... They are not willing to do the same online. I know a good many who are simply not worried about the consequences. They say "I have nothing important on my PC". Part of the problem is ignorance of possible consequences.

Instead of intrusion detection systems, a simple solution would be programming routers not to work (other than to redirect users to a web admin page) until the admin password has been changed AND the admin has either secured the network or confirmed that it is deliberately open.
9:26 am on Feb 28, 2014 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member piatkow is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 5, 2006
posts:3396
votes: 40



Instead of intrusion detection systems, a simple solution would be programming routers not to work (other than to redirect users to a web admin page) until the admin password has been changed AND the admin has either secured the network or confirmed that it is deliberately open.

My "inner IT professional" agrees with that 100%. My "inner journalist" sees a smug little article forming about ISPs making connection "too complicated".

From an end user viewpoint a router should be plug and play.
12:03 pm on Feb 28, 2014 (gmt 0)

Senior Member

WebmasterWorld Senior Member beedeedubbleu is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Feb 3, 2004
posts: 6117
votes: 18


@BeeDeeDubbleU, but people are not THAT accustomed to law and order. Most people take lots of precautions in most of their lives - they lock doors, they keep credit cards safe, they do not walk down dark alleys in dodgy areas.... They are not willing to do the same online.

But there is an obvious and imminent threat in a dark alley.

It is not a case of being unwilling to be safe online. It's just that where there is no perceived threat they see no need. I know them. I have spoken to them. ;)
10:49 am on Mar 4, 2014 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2649
votes: 85


Agreed, so we need to convince them that there is a threat. We need to educate them about possible consequences - e.g. credit card numbers details stolen by a key logger, identity theft, coming under suspicion of crime because a hacker routed an attach through your computer, exposure of personal documents, the use of your email by spammers and scammers......

From an end user viewpoint a router should be plug and play.


A simple process that will take a minute that you need to go through once every few years?

Complex machines cannot be entirely plug and play. Washing machines need to be plumbed in, cars need to be maintained, etc.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members