Wi-Fi users in the country are vulnerable to virus attack, warns an Indian computer security analysis firm. According to the Indian Computer Emergency Response Team (CERT-In), the virus attacks through Wi-Fi could lead to crashing and even hacking of the secure networks. The firm has discovered that the Wi-Fi Protected Setup (WPS) has a design error, which increases risks of virus attacks and may allow attackers to take unauthorised control of the affected system. The error can also help attackers crack and stealthily enter into an encrypted and password protected system.
“The virus is streaming in the Indian Internet networks with a high severity. The combat mechanisms are being deployed,” a computer security analyst with a government agency said. “An unauthenticated, remote attacker within range of the wireless access point could use the PIN (password) to gain unauthorised access to the device to retrieve the password for the wireless network or change the configuration of the device. Failed attempts to exploit the vulnerability could lead to a denial of service condition,” the CERT-In said in its alert to Wi-Fi users.
The agency also pointed out its reports that revealed several WPS devices do not feature any kind of lockout policy for such attack attempts. Users in India mostly use the WPS method to set up a wireless router for home network. The WPS procedure requires a PIN that can be used during the setup phase. Issuing an advisory to the Wi-Fi users, analysts of CERT-In said that users should disable the external registrar feature of the WPS to protect their device from virus attacks.