Most Critical Wireless and Mobile Security Vulnerabilities

By | June 26, 2006

Inspired by the SANS Top 20, this list is a consensus of industry experts on wireless and mobile vulnerabilities that require immediate remediation. It is offered as a public service by the Mobile Antivirus Researcher’s Association.

By default, wireless routers are shipped in an un-secured state. The result of this is that an attacker can easily connect to and configure the router to meet his or her own needs. The risks include changing the DNS server settings to a static IP that is owned by the attacker; or, uploading a hacked firmware version to the router that could put the attacker in full control of the data. Sniffing programs, wireless scanning drones, attack scripts, and more can be easily installed on the router, all of which would go undetected.

In addition to the active attacks against unconfigured routers, these devices can be used as a gateway for attackers to launch viruses/attacks/spam sessions. Since most routers have very limited logging, the attacker could have a nearly-perfect anonymous connection. Any attempt to trace the attack back to its origination will dead end at the wireless router.Read Full Story

Leave a Reply