The easy way to avoid a Wi-Fi virus

It's flu season—for you and your wireless router. A study by Indiana University proves that a virus can quickly spread among unsecured or WEP-encrypted routers in densely populated urban areas. But networks secured by the WPA protocol were impenetrable, and that gives you one more good reason to really secure your network.

The study, written by Hao Hu and colleagues, found that malware can easily spread among unprotected (and underprotected) routers whose signals overlap. And this malware can spread faster than any human flu: The majority of infections could happen within the first 24 to 48 hours, affecting 10 percent to 55 percent of routers in an entire metropolitan area within two weeks. Alarmingly, the study points out that malware designers are evolving from kudo-seeking hackers to organized crime coders looking for ways to launder money and commit fraud.

The study focused on New York, Chicago, Seattle, Boston, San Francisco, and northern and southern Indiana. In these areas, only 20 percent to 41 percent of routers used WEP or WPA encryption. To gain access to the routers and simulate the spread of malware, the researches attempted to guess the password (many people don’t change the factory default) from a list of 65,000 words that are commonly used. It wasn’t all that difficult, as the results prove. The study concludes by noting that the increasing number of Wi-Fi-enabled components that will connect to routers makes the possibility of infection even more serious.

There is no software specifically designed for routers that would guard against such attacks, but it’s easy to inoculate your network: Simply use WPA encryption and strong passwords. (WEP isn’t good enough, because it can be easily cracked, given time.) To date, I know of no attempt to infect wireless routers. But the buzz is all over the Net, and that’s got to get malguys thinking.

So secure your network with WPA and use strong passwords. Then consider a flu shot for yourself.