Indian computer security analysts have detected and alerted Wi-Fi users in the country against a possible virus attack that could lead to crashing and hacking of secure networks.
The Indian Computer Emergency Response Team (CERT-In), country’s national agency to respond to computer security incidents, has found that the “Wi-Fi Protected Setup (WPS) contains a design error that could allow a weaker-than-expected defence against brute-force attacks, which could allow an attacker to gain unauthorised access to the affected system.”
A brute-force attack, in computer terminology, is a programme that is used to crack and stealthily enter into an encrypted and password protected system while WPS is a popular method for setting up a new wireless router for a home network.
“The virus is streaming in the Indian Internet networks with a high severity. The combat mechanisms are being deployed,” a computer security analyst with a government agency said.
“An un-authenticated, remote attacker within range of the wireless access point could use the PIN (password) to gain unauthorised access to the device to retrieve the password for the wireless network or change the configuration of the device.
“Failed attempts to exploit the vulnerability could lead to a denial of service condition,” the CERT-In said in its alert to Wi-Fi users.
The agency also said that reports (with the agency) indicate that some WPS devices “do not implement any kind of lockout policy for brute-force attempts, which greatly reduces the time to perform a successful attack.”