Researchers at the University of Liverpool have demonstrated that WiFi
networks can be infected with a virus that can move through densely
populated areas as efficiently as the common cold spreads between humans.
The team designed and simulated an attack by a virus, called Chameleon, and
found that not only could it spread quickly between homes and businesses,
but it was able to avoid detection and identify the points at which WiFi
access is least protected by encryption and passwords.
Chameleon behaves like an airborne virus, travelling across the WiFi network
via Access Points (APs) that connect households and businesses to WiFi
networks. Areas that are more densely populated have more APs in closer
proximity to each other, which meant that the virus propagated more quickly.
“When Chameleon attacked an AP it didn’t affect how it worked, but was able to
collect and report the credentials of all other WiFi users who connected to
it. The virus then sought out other WiFi APs that it could connect to and
infect,” said Alan Marshall, Professor of Network Security at the
University.
Chameleon was able to avoid detection as current virus detection systems look
for viruses that are present on the internet or computers, but Chameleon is
only ever present in the WiFi network.
While many APs are sufficiently encrypted and password protected, the virus
simply moved on to find those which weren’t strongly protected including
open access WiFi points common in locations such as coffee shops and
airports.
“WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus," said Professor Marshall.
“It was assumed, however, that it wasn’t possible to develop a virus that could attack WiFi networks but we demonstrated that this is possible and that it can spread quickly. We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely.”
The team is now reportedly working on a product that could be installed in WiFi access points to prevent this kind of hijacking, without requiring the user to take responsibility.
“WiFi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus," said Professor Marshall.
“It was assumed, however, that it wasn’t possible to develop a virus that could attack WiFi networks but we demonstrated that this is possible and that it can spread quickly. We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely.”
The team is now reportedly working on a product that could be installed in WiFi access points to prevent this kind of hijacking, without requiring the user to take responsibility.