US-CERT Warns Of Security Flaw In Wireless Routers

Antone Gonsalves

December 28, 2011, 05:40 PM EST

Security researcher Stefan Viehbock discovered the flaw in the Wi-Fi Protected Setup (WPS), a computing standard developed by the Wi-Fi Alliance and used in the majority of wireless home routers sold today, according to US-CERT. Manufacturers affected include Belkin, Buffalo, D-Link Systems, Cisco division Linksys, Netgear, Technicolor, TP-Link and ZyXEL.

WPS provides an easy method for non-technical people to set up an eight-digit personal identification number that's needed to connect a device to a home network. The vulnerability makes the WPS susceptible to a brute-force attack, which is when a hacker systematically checks all possible number combinations to find the right one.

When the first attempt fails, the router sends back a response in such a way that the attacker will be able to determine the first half of the PIN. This greatly reduces the amount of time needed to complete the number sequence, US-CERT reported Tuesday.

Viehbock discovered the flaw after noticing "a few really bad design decisions" in the WPS. "As all of the more recent router models come with WPS enabled by default, this affects millions of devices worldwide," he said in his blog.

US-CERT said the only workaround for the flaw was to disable the WPS. The organization also recommended using WPA2 encryption with a strong password, disabling Universal Plug and Play, which lets any supporting device connect to a network, and enable Media Access Control address filtering, so only trusted devices can access the network.

US-CERT is part of the National Cyber Security Division of the U.S. Department of Homeland Security. The organization is a partnership between Homeland Security and the private and public sectors.