Contagious Computer Virus Spread by Wi-Fi Hotspots
Published on: 26th Feb 2014
Note -- this news article is more than a year old.
By: Ian Mansfield
Researchers at the University of Liverpool have shown for the first time that Wi Fi networks can be infected with a virus that can move through densely populated areas as efficiently as the common cold spreads between humans.
The team designed and simulated an attack by a virus, called Chameleon, and found that not only could it spread quickly between homes and businesses, but it was able to avoid detection and identify the points at which Wi-Fi access is least protected by encryption and passwords.
Researchers from the University's School of Electrical Engineering, Electronics and Computer Science, simulated an attack on Belfast and London in a laboratory setting, and found that Chameleon behaved like an airborne virus, travelling across the Wi-Fi network via Access Points (APs) that connect households and businesses to Wi-Fi networks.
Areas that are more densely populated have more APs in closer proximity to each other, which meant that the virus propagated more quickly, particularly across networks connectable within a 10-50 metre radius.
Alan Marshall, Professor of Network Security at the University, said: "When Chameleon attacked an AP it didn't affect how it worked, but was able to collect and report the credentials of all other Wi-Fi users who connected to it. The virus then sought out other Wi-Fi APs that it could connect to and infect."
Chameleon was able to avoid detection as current virus detection systems look for viruses that are present on the internet or computers, but Chameleon is only ever present in the Wi-Fi network. Whilst many APs are sufficiently encrypted and password protected, the virus simply moved on to find those which weren't strongly protected including open access Wi-Fi points common in locations such as coffee shops and airports.
Professor Marshall continued said: "Wi-Fi connections are increasingly a target for computer hackers because of well-documented security vulnerabilities, which make it difficult to detect and defend against a virus.
"It was assumed, however, that it wasn't possible to develop a virus that could attack Wi-Fi networks but we demonstrated that this is possible and that it can spread quickly. We are now able to use the data generated from this study to develop a new technique to identify when an attack is likely."