Wireless security is one of my favorite soapbox's. Whenever I teach an A+ class or a Net+ class I always spend a few minutes talking about the theory behind cracking WEP and WPA, and how easy it is, to drive home the point that wireless connections are just not secure without advanced encryption and authentication (something a RADIUS server would provide). Researchers at Indiana University have recently given me another talking point when lecturing students on wireless security.
Researchers at IU have come out with a scenario that is quite scary. A worm attack focused on infecting wireless routers! With the prevalence of wireless routers in the market today large gatherings of people will probably be covered in wireless signals (city's, towns, etc). A worm that could travel to, and infect, any wireless router within the range of an already infected wireless router could have the ability to infect an entire city in a very short period of time.
But wireless encryption should make this impossible right? Not hardly. Granted, a wireless router with a strong WPA key would probably be safe, but how many people do you know that willingly use a strong WPA key? For that matter, how many people do you know that change the default root username and password on their wireless router?
So what would a worm like this have to do to be successful? First you would have to be able to connect to wireless routers. Not very hard of they are unencrypted, use WEP, or weak WPA keys. Second, once connected the worm would have to be able to change the firmware of the wireless router. In order to do this you would have to log in as the administrator. Because very few people take the time to change the defaults this is relatively easy. It would be fairly easy (relatively) to create a Linux kernel small enough to load on a wireless router and carry out these small tasks.
Fortunately, a worm like this does not yet exist (as far as I am aware). Though now that someone thinks its possible it's only a matter of time until someone trys to do it. So take precautions now. If you have devices that can use WPA make a strong WPA key and use that. I know its a pain, but the added security should ease the pain slightly. If you haven't yet changed your default username and password go do it!
- The geographic model looks like the spread of a virus...