It is the stuff of cyber nightmares: an undetectable virus that moves through the airwaves. But researchers at the University of Liverpool have made it a reality.
They have shown, for the first time, that Wi-Fi networks can be infected via their access points, rather than computers.
In densely populated areas where Wi-Fi hotspots were prevalent, the “Chameleon” virus — which was designed by researchers at the university’s school of computer science and electrical engineering and electronics — could spread as quickly as the common cold.
They proved this by simulating — in a laboratory environment — attacks on London and Belfast. Densely populated areas had more access points in close proximity, and so the virus spread more quickly. Their research was published in the European Association for Signal Processing’s Journal on Information Security.
“When Chameleon attacked an access point, it didn’t affect how it worked, but was able to collect and report the credentials of all other Wi-Fi users who connected to it,” said Alan Marshall, professor of network security at the university. “The virus then sought out other Wi-Fi access points that it could connect to and infect.”
Basie von Solms, director of the Centre for Cyber Security at the University of Johannesburg, said that what makes Chameleon novel is that it “lives” in the Wi-Fi “cyber space”, and attacks via access points. “They have proved now, in a controlled environment, that such a virus can spread very quickly via Wi-Fi, which was not so clear before.
“Also, because it ‘lives’ in the ‘Wi-Fi cyber space’, it is not detected because it never really infects a computer directly.”
While many access points are sufficiently encrypted and password protected, the virus simply moved on to find those which weren’t strongly protected, including open Wi-Fi points common in locations such as coffee shops and airports, the University of Liverpool said.
Current virus detection programs look for viruses present on computers or the Internet, not on the Wi-Fi network itself.
However, Von Solms said it remains theoretical because “if such a virus is used for malicious purposes … it will have some kind of payload which will infect computers and other devices, because that is where the desired data and information reside”. — (c) 2014 Mail & Guardian
- Visit the Mail & Guardian Online, the smart news source