The vulnerability in several devices using the IEEE 802.11 wireless protocol has been highlighted by the Australian Computer Emergency Response Team (AusCERT), an independent non-profit organisation based at the University of Queensland’s Information Security Research Centre.
Denial of services attacks on wireless networks have previously required specialised hardware and considerable technical expertise. The equipment needed to saturate the wireless frequency with high-power radiation, a typical jamming method, would make the attacker easy to spot.
But the AusCERT report says that this vulnerability “makes a successful, low cost attack against a wireless network feasible for a semi-skilled attacker” who would therefore be much harder to identify and apprehend.
WiFi adoption is still in the early days for many organisations but the security alert will cause network operators to think twice before deploying the technology in critical infrastructures where constant availability is paramount.
Because the flaw is in the wireless protocol itself, it cannot be overcome by software or encryption schemes. Devices using IEEE 802.11, 802.11b and low-speed 802.11g are vulnerable to attack but 802.11a and 802.11g with speeds over 20 Megabits per second (Mbps) are not affected.