Home wireless networks wide open

By

Half of all home wireless systems open to attack.

Home wireless networks wide open
Research by the Indiana University School of Informatics (IUSI) has uncovered a security threat that could affect half of all home servers.

The attack uses a JavaScript application to change the domain name system settings on an unsecured router, or one that uses the default password.

This could allow a hacker to redirect the user to a phishing site whenever they try and log-on to their online banking sites, for instance.

Professor Markus Jakobsson of the IUSI, explained that the attack highlights the importance of the human factor in security.

"While drive-by pharming arises due to inadequate protective measures, there is also another human component: if an attacker can trick you into visiting his page, he can probe your machine," he said.

"Deceit is not new to humankind, but it is fairly recently that security researchers started taking it seriously."

The IUSI estimates that around 50 per cent of home routers are vulnerable to the attack because of poor password protection.

It recommends the use of a multi-layer password that includes upper and lower case letters, numbers and symbols to make cracking difficult.

"This new research exposes a problem affecting millions of broadband users worldwide," said Oliver Friedrichs, director of Symantec Security Response.

"Because of the ease with which drive-by pharming attacks can be launched, it is vital that consumers adequately protect their broadband routers and wireless access points today."

The attack is even more worrying since it requires no physical access to the router. A hacker could simply drive through a neighbourhood and launch the attack remotely.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack

Log In

  |  Forgot your password?