Virus danger from wireless hotspots could leave laptop users open to charges

Public laptop users could end up breaching the Computer Misuse Act if their laptops are used to spread viruses via a wireless botnet

Business laptop users are laying themselves wide open to the threat of wireless botnets hijacking and maliciously using their PC, a security expert has warned.

Ken Munro, managing director of network testing company Securetest, told IT Pro that unwary laptop users are spreading a trail of vulnerability behind them as they work in public places. This is leading, he said, to a new kind of threat for which there could be serious consequences for the whole enterprise.

"This poses a far greater danger to mobile communications than any other type of mobile hijacking, including blu-snarfing," he warned.

"This is because the wot-net (wireless botnet) harnesses together disparate laptops and instructs them to rebroadcast a signal without the knowledge of the user. In effect, this triggers the laptop to pass on the connection like a virus and places the end-user in breach of the Computer Misuse Act."

Munro explained that an attack works when an attacker within the vicinity of a laptop starts an 'ad-hoc' or 'peer-to-peer' wireless network connection.

"Any wireless client in proximity can view this, so in a wireless hotspot area, there's a significant chance a user trying to find the hotspot may inadvertently select this," he said.

"The attacker client device will be in the same class B subnet as the target [169.254.X.X], so he has simply to run a 'pingsweep' and detect the target device before then giving himself a static address in the correct range. The attacker now has a trusted wireless connection to the target. The target device then begins sending out 'probe' packets looking for the attacker's ad-hoc connection, even when out of range."

Munro warned that any other wireless clients in the vicinity of the 'infected' client device can also see the ad-hoc connection being broadcast. Users looking for a hotspot who go through the same process can select the wrong connection and 'infect' themselves with the connection before then broadcasting it too.

"It's amazing how badly prepared a lot of laptop security is," said Munro. "Their anti-virus software wouldn't see the problem. SSL certificates don't help as anyone can serve one."

He said the solution for network managers is fairly simple: "When deploying new laptops, make sure they are configured not to broadcast ad hoc connections. When existing laptops come into the office, do the same. Wireless can be very secure if implemented properly. There's no reason for enterprises to be scared of it."

Wireless botnets are a bona fide threat, says Rob Bamforth, senior analyst with research firm Quocirca.

"This isn't one of those things security companies come up with to scare people," he said.

Featured Resources

Seven steps to connect and empower your frontline workers

How business leaders can improve communication with a secure platform

Free download

Create what’s next

The future of collaboration and productivity

Free Download

Leveraging the cloud without relinquishing control

Your data. Their cloud.

Free download

Re-architecting for nonstop innovation

Unlocking productivity, scalability, and lower costs for cloud natives

Free Download

Most Popular

Looking beyond the obvious: What’s best for multi-cloud?
Sponsored

Looking beyond the obvious: What’s best for multi-cloud?

8 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021
How to speed up Microsoft's Windows 11
Microsoft Windows

How to speed up Microsoft's Windows 11

9 Nov 2021