How To Reduce Phishing Attacks On Your Business

One of the worst cases of phishing occurred in 2007, when an international phishing ring had a significant impact on two banks, stealing account details from thousands of people and transferring about $1.5 million into fake accounts they controlled. It took over two years of FBI investigation to charge the more than 100 people who were behind the attack.

What is phishing?

Phishing is a form of online identity theft that works through the gathering of personal information via deceptive emails and websites, and it has become increasingly common in the digital age we live in.

In the past, phishing attempts were more identifiable, with obvious grammatical and spelling mistakes and a message that was itself out of the norm, whether it offered an inheritance from a relative you never had or asked for help with a business transaction for an individual you’d never met.

Today, phishing emails are remarkably clever, pulling language straight from official company correspondence, avoiding typos and being backed by fake websites that are close replicas of the websites being spoofed. Logos, corporate branding and plausible domains like mycommbank.com or paypa1.com (note the 1) make the sites appear real enough, and at times victims are even directed to the real company websites, only to be presented with a faux pop-up form that captures their personal information.

As a company, how can you avoid becoming a victim of phishing?

It’s difficult for a company to eliminate the threat of a phishing attack entirely. However, you can take several measures to reduce the odds of this occurring. One such measure is to have a defined communications protocol on how employees interact with customers via email. Ensuring all emails and webpages share a consistent visual appearance, greeting customers by their first and last name, and never requesting personal or account information by email are ways to educate and train customers in this communication protocol. This makes it easy to identify when an email is out of the norm.

Companies should also rethink how customers interact with their website. Users should not be able to simply open a new account with personal and financial information without some form of email verification that acknowledges transactions, and they should use secure logins to access e-commerce forms.

Other methods slowly being adopted include better authentication through RSA tokens, biometrics, one-time passwords and smart cards, all of which make the information phishers capture less valuable. Commonwealth Bank uses a combination of online security, Q&A verification along with a 6-digit SMS one-time code sent directly to a user’s mobile phone before a transaction is made. This makes it difficult for phishers to replicate the process. Another mid-sized bank recently added encoded data on its magnetic strip that helped authenticate ATM transactions. As the data is not visible to the customer, there is less risk of customers accidentally disclosing it.

Establishing an anti-phishing team and a response plan is also key to preparing for a potential phishing attack. The team should include representatives from most departments including IT, marketing, customer service, legal etc. Then identify the following:

  1. A dedicated email account to which customers can forward any questionable emails (e.g. fraud@yourcompany.com)
  2. Train your employees and call center staff to recognize a phishing attack and prepare the communication between them and customers if one were to occur.
  3. Prepare a timeline of how and when you plan to notify customers that an attack has occurred. The earlier customers are made aware and educated, the better prepared they can be and the less risk there is of more data being captured by phishers.
  4. Outline who to contact and how to get a phisher site down as quickly as possible, as well as contacting law enforcement as soon as possible.
  5. Find and shut down phishing sites before phishers launch their campaigns. You can outsource this to a fraud alert service, which uses technologies to scour the web for unauthorized use of your branding and newly registered domains that contain your company name or are similar to it. This gives you added time to counteract a phishing attack.
  6. Work with Managed Security Service Providers to protect your websites from phishing risks. Our SecureSTREAM solution is designed to prevent websites from becoming compromised by phishers.
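
The lookalike domains mentioned earlier (mycommbank.com, paypa1.com) and the newly-registered-domain monitoring in item 5 can be illustrated with a small screening script. This is an added example, not code from the original article or from any fraud alert service; the brand list, allow-list, suffix list and sample feed are constructed assumptions.

```python
"""Screen a feed of newly registered domains for lookalikes of protected brands."""

# Assumption: the defender supplies brand labels and their legitimate domains.
BRANDS = {
    "paypal": {"paypal.com"},
    "commbank": {"commbank.com.au"},
}

# Digit-for-letter swaps seen in lookalike names (not a full confusables table).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})
MULTI_CHAR = (("rn", "m"), ("vv", "w"))

# Small sample of two-level suffixes; production code should use the Public Suffix List.
TWO_LEVEL_SUFFIXES = {"com.au", "net.au", "org.au", "co.uk", "co.nz"}

# Constructed feed: two domains quoted in the article plus constructed test cases.
SAMPLE_FEED = ["paypa1.com", "mycommbank.com", "www.commbank.com.au",
               "papyal.com", "example.org"]


def registrable_label(domain):
    """Return the label left of the suffix, e.g. 'paypa1' for 'www.paypa1.com'."""
    parts = domain.lower().rstrip(".").split(".")
    if len(parts) >= 3 and ".".join(parts[-2:]) in TWO_LEVEL_SUFFIXES:
        return parts[-3]
    return parts[-2] if len(parts) >= 2 else parts[0]


def skeleton(label):
    """Fold visually confusable characters so 'paypa1' and 'paypal' compare equal."""
    label = label.translate(CONFUSABLES)
    for seq, repl in MULTI_CHAR:
        label = label.replace(seq, repl)
    return label


def edit_distance(a, b):
    """Optimal string alignment distance (insert, delete, substitute, swap neighbours)."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            val = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                val = min(val, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(val)
        prev2, prev = prev, cur
    return prev[-1]


def classify(domain):
    """Return (brand, reason) if the domain imitates a protected brand, else None."""
    domain = domain.lower().rstrip(".")
    legit = set().union(*BRANDS.values())
    if any(domain == d or domain.endswith("." + d) for d in legit):
        return None  # the brand's own domain or one of its subdomains
    label = registrable_label(domain)
    skel = skeleton(label)
    for brand in BRANDS:
        target = skeleton(brand)
        if skel == target:
            reason = ("character substitution" if label != brand
                      else "brand on another suffix")
        elif target in skel:
            reason = "brand embedded in longer name"
        elif len(target) >= 5 and edit_distance(skel, target) <= 1:
            reason = "one edit away"  # short brands skipped to limit false positives
        else:
            continue
        return brand, reason
    return None


def screen(feed):
    """Map each suspicious domain in the feed to its (brand, reason) finding."""
    hits = {}
    for domain in feed:
        finding = classify(domain)
        if finding:
            hits[domain] = finding
    return hits


if __name__ == "__main__":
    for name, (brand, reason) in screen(SAMPLE_FEED).items():
        print(f"{name}: imitates {brand} ({reason})")
```

Hits are candidates for review and takedown requests, not proof of fraud; a brand holder may own some flagged names that are simply missing from the allow-list.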

In the end, it comes down to preparation and educating your customers about online security. They are the first and last line of defense, so by including them in your solution and following the tips above, you can severely reduce the risk of becoming a phishing target.

Australia’s Privacy Legislation Amendments 2014

An overview covering the amendments to the Privacy Act, to generate awareness of the issues and potential impacts on both organisations and individuals if there is a breach of the Act.


How to Perform IT Security Auditing

Every single day, threats to network and IT security are becoming more prevalent and sophisticated, making it essential to determine how vulnerable your company’s systems are to such threats. Knowing how your business can avoid or cope with a potential security breach is also important to ensure that no loss of valuable and sensitive data will occur.

This is something an IT security audit can help you with. According to Symantec, a security audit is “an assessment of how effectively the organisation’s security policy is being implemented.” Conducting an audit allows you to pinpoint the strengths and weaknesses of your existing IT security measures, as well as ensure that data and applications are being used and handled safely. But how do you audit your company’s IT security?

Asset identification

According to experts, the first step to conducting an IT security audit is to identify what needs to be protected. Thus, you should create a list of all the assets your company or organisation has. This may include computers, routers and networking equipment, as well as company and customer data. Be as detailed and thorough as possible because it will help you clearly identify the specific threats that each company asset faces.

Threat and vulnerability assessment

After listing all of your company’s assets, the next step is to identify the potential threat sources for each one. Take note that threats to your IT security are not limited to malware attacks and network intrusions. Floods, cyclones, accidents, and natural catastrophes are also considered threats as they can cause harm to your IT system.

Take into account threats that could potentially arise in the future. According to experts, a good security audit should not just consider existing threats and vulnerabilities, but include those that can affect one’s company in the long run. One way to determine future threats is to hire an auditor or a contractor that can perform a penetration test.

At Seccom Global, we offer auditing services with the latest technology allowing us to conduct vulnerability assessments and penetration tests against your network infrastructures. Our security consultants and auditors hold the highest level of certifications and clearances including CISSP and I-RAP, allowing us to provide you with the expertise and information you need to assess any potential threats now and in the future.

Calculate probability and harm

The next step is to determine how likely the listed threats are to occur and how they would affect your business or organisation. To calculate probability, research your company’s and competitors’ history with a particular threat, and look up empirical studies on how often most companies face this threat.

After calculating probability, determine how much damage a particular threat would cause if it did occur. There are several ways to calculate the potential harm of a threat. You can count up lost revenue or assets in terms of dollars. Alternatively, you can consider the number of work-hours lost while trying to mitigate or remedy the damage of a threat.

Evaluate potential countermeasures

Once assets, threats, and vulnerabilities are identified, the next thing you need to do is to assess the effectiveness of existing countermeasures. Are they up to date? Are they easily doable? Can they detect threats before they happen? Can they minimise the impact of a particular threat when it occurs? Finding answers to these questions will help you verify if existing security measures are adequate or if you need to add more muscle to them.

Develop a security threat response plan

Based on the results of your auditing, you should decide which security measures should be implemented and prioritised and which should be updated or shelved entirely. You should also come up with a good security threat response plan to ensure the safety of your IT system and to help you better prepare for events or circumstances that can affect your business.

Are you going to get sick?

OK, so it’s back in the news again. Ransomware, CryptoLocker, CryptoDefense, whatever you want to call it. Extorting money from a user of a PC is not a new thing. Back in the late ’80s there was the “AIDS” virus that tricked users into thinking that a licence had expired on their PC and that they needed to pay a sum of money to unlock the system. This virus would encrypt certain files on the computer’s hard drive to enforce payment. Not very graceful but effective.

Fast forward to the present day and we have seen an increase in the number of attacks using this modus operandi. Now the easiest way to prevent this from happening is to cut the Ethernet and disable the Wi-Fi/USB drivers – not a valid solution for the connected generation. Just try going a weekend without Facebook/Twitter…etc!

So is there a silver bullet to preventing this from happening to you? Ask yourself a few questions. Do you click on emails when you don’t know the sender? Do you trust friends when they give you a USB drive with the latest non-pirated movies? There are several more questions we could ask here and I would imagine the answer would be yes to the majority of them.

The methods of propagation of this malware are varied but they all still count on a simple premise: that the victim has a vulnerability in code that can be exploited. Now all the Mac users out there, please note that you are not immune to this. Last year malware surfaced just for the OS X platform.

It comes back to the old adage of defence in depth. This is something that I have been talking about for over 10 years in the security industry. How many times have you hit the postpone button on the update for your OS? Would you do the same on your desktop AV solution? Your security gateway, AV and OS are an ecosystem that works as the white blood cells for your security. If one of these is not working as it should, you have an increased chance of becoming sick. Although zinc is vital for your body’s health and stamina, it’s not enough to fight a nasty cold, just as IPS is not enough for your network. You need multiple layers of protection – you need a multivitamin and a flu shot!

There are ways to recover from the malware without having to pay the ransom. As with getting over any illness, it takes time to get back to full strength. The lesson is to make sure that you have your flu shot on a regular basis. Keeping your systems patched and updating your security subscriptions will help prevent the infection in the first place.

Fortinet’s way to help you fight off the cold is to provide a security multivitamin and your flu shot in one easy package. Who wants to take 5 pills at once…

  1. Detection and blocking of the actual Malware or installer itself using the AntiVirus/AntiMalware inspection engine on the FortiGate.  This will prevent installation of the malware when connected to the corporate network.  The AV engine also contains advanced heuristics and limited sandboxing or emulation capabilities that can be used to detect and block malicious code without a signature.  FortiClient can provide detection for remote devices.
  2. Sandboxing is a new capability that allows us to execute the suspected malware in a virtualised, sandboxed environment to analyse its behaviour. From this we can deduce if the code is actually malicious and then alert the network administrators to a potential security issue. This approach will not block the malware, as it is not in ‘real-time’. The solution is available either as a cloud-based service (included with the existing subscriptions) or as an on-premises solution using an additional appliance. I will be able to share more information about the capabilities of the on-premises solution shortly. We have just finished some NSS testing and results are extremely good.
  3. Using application control and the AntiVirus/AntiMalware inspection engines we can also detect and block actual network communications emanating from the installed malware so we can block all network communications.  This can help detect machines previously infected prior to connecting to the network and also help to stop replication of any malicious worm code.

Ransomware is not a new style of threat; it has been around for quite a long time. Detecting these types of threats is something Fortinet has always done and will continue to do, but as you can see, you need to take a number of different steps to ensure you are covering all the bases.

 

Here are some FortiGuard resources that discuss Ransomware, specifically CryptoLocker

http://blog.fortinet.com/Derek-Manky-Talks-BadBIOS-and-Cryptolocker—Network-World-Podcast/

http://blog.fortinet.com/A-Closer-Look-at-Cryptolocker-s-DGA/

5 Ways SMEs Can Improve Their Online Safety

According to Symantec, in 2013 alone, there was a 91% increase in the number of targeted attacks and 62% growth in the number of online intrusions. As a result of these attacks, the identities of over 552 million Internet users were exposed. Those who use mobile devices weren’t spared either; according to the online security company, about 38% of them experienced mobile cybercrimes in the past 12 months.

With the growing threat to online safety and security it’s very important for everyone, particularly those who own small and medium enterprises or SMEs, to protect themselves from vulnerabilities. John Fontana of Ping Identity shared some practical tips on how to protect your business from various online threats.

Use strong passwords. One of the reasons a business becomes easy prey for cyber criminals is the use of passwords that are easy to crack. To prevent unwanted intrusions, creating strong passwords is a great starting point. Your passwords should be at least eight characters long and use a combination of letters, numbers, and symbols where possible.

Utilise a reliable security solution. A reliable security solution provider is your first line of defence against cyber attacks and unwanted intrusions, which could put your business at risk and expose valuable customer data. So no matter how big or small your business is, it is important to enlist the services of a security provider that can offer you solutions, like firewall, antivirus and anti-malware software, to prevent your business from becoming a victim of cybercrimes.

Create contingency plans. As the saying goes, always expect the unexpected. To protect your business, you should create and implement a disaster preparedness plan. In case something happens to your system, you can still have access to appropriate security and backup solutions to save and retrieve important files and documents.

Stay updated. According to Fontana, new viruses, malware, and worms are being created every day. In addition, hackers are constantly finding ways to evade detection and stay one step ahead. For this reason, it is important to stay up-to-date and be aware of the latest issues concerning online safety and security. You should also ensure that your antivirus and other security programs are of the latest versions.

Educate your employees. To keep your business safe from online threats, having your employees’ cooperation is of utmost importance. Fontana said you should develop security guidelines and educate your employees about internet safety and security. You should also provide them with all the information they need, so they are armed with the knowledge of what to do during cyber attacks.

Prevention, they say, is better than cure. To protect your business or enterprise from vulnerabilities, you should take a proactive approach to ensuring your online safety and security. Seccom Global’s SecureSTREAM, a cloud-based website security solution, utilises a multilayered approach to protect your company’s websites from online attacks such as SYN floods, DDoS, SQL injections and cross-site scripting. In addition to this, SecureSTREAM will give you full visibility of who, when and why people have visited your website.

What You Need to Know about Outsourcing Your Company’s IT Security

In this day and age where many online businesses and websites are being targeted by cyber criminals, it is prudent to take the necessary precautionary measures to ensure one’s online safety and security. However, keeping your organisation or business secure is a time-consuming process. In addition, it requires a high level of technical skills and knowledge to implement effective internet security measures to thwart potential attacks and intrusions.

For this reason, outsourcing your company’s IT security makes perfect sense. Instead of attempting to run and manage your online security in-house, you can just enlist the services of a managed security service provider or MSSP. But before you do, here are some basic facts and information you should know.

Who can benefit from outsourcing their IT security?

According to Paula Livingston, managing director at Scotland-based Rustyice Solutions, organisations of all sizes can benefit from entrusting their IT security to a third-party security provider. But if there’s one group of businesses that can benefit the most from outsourcing their online security, it has got to be small businesses.

Livingston explained that small businesses often lack the time, manpower, and financial resources to run effective security measures. “Typically, their IT department will be just one or two guys, and there is a danger that the elements of security that are not being taken care of won’t be obvious until it is too late,” she said. But by seeking the professional services of an MSSP, small and medium-sized enterprises can provide better security coverage for their online assets and infrastructure.

What can you expect from an MSSP?

When you obtain the services of an MSSP, one of the things the security service provider will do first is to audit your existing security infrastructure and procedures. It will also obtain information regarding the nature of your business and your key business processes. Livingston pointed out that this is essential because it will help the MSSP understand how a potential attack can affect your business.

After weighing the strengths and weaknesses of your current security measures, the MSSP will offer recommendations to fill in security gaps in your system. Once the service is up and running and all the necessary online safety measures have been implemented, the security provider will most likely schedule a monthly or quarterly review meeting. This is to provide you with the necessary updates and to discuss possible changes to the security infrastructure that need to be carried out so you can better deal with emerging threats.

How can it benefit you?

Outsourcing your IT security can benefit your business in more ways than you can imagine. First off, it can help you minimise costs. According to previous research, the cost of a managed security service is typically less than hiring in-house, full-time security experts.

And as compared to most in-house IT security providers, MSSPs are better equipped at dealing with various security situations because they have been dealing with hundreds or thousands of potentially threatening situations on a daily basis. They can offer you better security facilities and solutions, as well. This basically means that for a fraction of the cost of running and managing an extensive IT security department, you can obtain better security solutions and provide better coverage for your online assets by outsourcing your IT security.

If you want to prevent attacks on your system, you should consider obtaining the services of a reliable security service provider. This way, you can have peace of mind knowing that your business and all the sensitive data you handle will be protected against viruses, malware, and other forms of cyber attacks.

Protect Your Website from DDoS Attacks with Seccom’s SecureSTREAM

Just a few days ago, Feedly and Evernote went down after suffering from a series of DDoS attacks. Hundreds of users weren’t able to access their accounts as the hackers refused to stop the attacks unless the two websites paid a certain amount of money. Fortunately, the attacks were neutralised and services were restored shortly after.

While Feedly and Evernote were able to overcome such a hurdle, some websites and online businesses may not be as lucky if they are to experience similar attacks. For this reason, it is very important to improve your understanding of such online threats and beef up your online security measures to prevent attacks that may disrupt your business and even cause potential profit losses.

 

What is DDoS?

DDoS stands for Distributed Denial of Service. DDoS attacks can do a significant amount of damage to a website if they are not addressed and neutralised immediately. In a DDoS attack, a hacker makes a computer resource, such as a website, app, email, voicemail, or network, stop responding to legitimate users by commanding a number of remotely controlled, malware-infected computers or machines to send a flood of network traffic to the target. Because the target has become so busy dealing with the hacker’s requests, it cannot respond to the requests of its legitimate users. As a result, long service delays and downtimes will inevitably occur, just like what happened to Feedly and Evernote.

According to experts, there are generally two types of DDoS attacks. The first one is a network-centric attack that overloads a service by using up bandwidth. The second attack is called an application-layer attack that targets and overloads a service or database with application calls.

However, even if your system hasn’t been directly targeted by a DDoS attack, it can still be at risk. Once it has been infected with malware, a DDoS intruder can use your computer to attack other systems without your knowledge. It will be categorised as a “zombie” or “bot” because it does whatever the attacker wants it to do. It will be included in a group of infected computers, known as a “botnet,” which is considered by Kaspersky Labs and Symantec as the biggest threat to Internet security.

If your system is unprotected, DDoS attackers might wield it as a weapon and use it to damage other online infrastructure, causing system outages and thousands of dollars in profit losses.

 

Prevention is Better than Cure

As with everything in life, having a proactive approach to managing your Internet security is your best line of defence against damaging online attacks and intrusions. Because hackers are getting smarter and they are finding ways to randomise their attack signatures so they won’t be detected easily, it makes perfect sense to step up your game to protect your website or online business.

Seccom Global’s SecureSTREAM will defend you against online intrusions to ensure the safety and wellbeing of your online infrastructure. It is a cloud-based security solution designed to protect your website from DDoS, SYN floods, SQL injections, cross site scripting, and other well-known online attacks and intrusions.

SecureSTREAM uses a multi-layer approach to protecting your online assets. With this web solution, your web server becomes virtually invisible on the Internet as it sits behind Seccom’s cloud infrastructure. This stops DDoS attackers and hackers from pinpointing your true IP address, thus, preventing your system from being targeted by a DDoS attack and/or being used by DDoS intruders to damage other websites.

As the saying goes, prevention is better than cure. So take a proactive approach to ensuring your online safety and security to avoid system downtime and potential profit losses.

5 Areas to Evaluate When Hiring an MSSP

For the uninitiated, an MSSP, or managed security service provider, is an online service provider that helps businesses and organisations manage their network security. Some of the services provided by an MSSP include virus and spam blocking, intrusion detection, firewalls, and virtual private network management among other things. MSSPs are a great help to businesses because they allow an organisation to minimise costs by outsourcing security functions.

While some businesses and organisations are reluctant to give up complete control over the security of their systems, enlisting the services of an MSSP is still a good option to consider, especially with the growing number of online threats these days. But before you entrust your company’s wellbeing to a specific security service provider, here are the areas you need to evaluate and factors to consider.

Financial Stability. As a smart business owner, you wouldn’t let your company be dragged down by a sinking ship. If your chosen MSSP suddenly declares bankruptcy, you might find yourself in a security conundrum at a very inopportune time. As such, it is important to evaluate the financial stability of an MSSP as it can say a lot of things about the company, including how reliable and capable it is. Perform due diligence to ensure that your system will enjoy continuous protection from your chosen security service provider.

Service Offerings. It is essential to ensure that the MSSP you choose is indeed capable of managing and/or monitoring key parts of your network and specific technologies. It should be able to understand your specific needs and possess the required technical capabilities. For instance, according to Fishnet Securities, if you need your Security Information and Event Management (SIEM) deployment managed for log collection, your chosen MSSP should be able to support the SIEM and all connecting technologies. Any qualified MSSP should be able to identify this during the scoping process, the company added.

Human Factor. Because you’re entrusting the wellbeing of your company to other people, you should verify that the engineers and the staff behind an MSSP really know what they are doing. “Any MSSP should be willing to give you statistics around response times, employee count, location, and experience held by their engineers,” Fishnet Securities stressed. Such information will give you the assurance that the service provider you have selected has a team of engineers with the necessary knowledge, skills, and expertise to satisfactorily address your security needs.

Data Centre Location. Another area to evaluate is the MSSP’s data centre location and disaster recovery sites. It is important to determine and understand where the security provider stores your company data and where they are being managed because they involve your company’s privacy. As a paying customer, you’d certainly want to get the assurance that sensitive company data are being handled and stored properly and that no security breaches will occur.

Reputation. Ideally, you’d want an MSSP that has longevity in business and strong partnerships with notable companies. Therefore, ensure that the service provider has a solid reputation and a proven track record. Get to know the people behind the company to make sure that they have your best interest in mind. Experts recommend taking references and going with personal recommendations to ensure best results.

Entrusting your company’s network security to a third party is a very important matter. Because it is your organisation’s wellbeing that’s on the line, you must be willing to do some extra work to ensure the safety and security of sensitive company data and information. Therefore, it makes perfect sense to set criteria and standards for your choice and be extra thorough and meticulous when selecting a specific MSSP to trust.

Why C-Level Executives Need to Integrate IT Security into Their Overall Company Strategy

In 2013, a significant number of popular websites and tech companies, such as Facebook, Microsoft, and Apple, were victims of cyber attacks. And just recently, Heartbleed, a massive flaw in web encryption that enables hackers to steal personal details and passwords from companies, was made public, sending the online community into a state of panic. With such incidents getting more frequent these days, some experts believe that C-level executives need to incorporate IT security in their overall company strategy.

According to Syed Ali, Vishy Padmanabhan, and Jim Dixon of Bain & Company, despite the billions of dollars spent by organisations to protect their digital assets, they are still not immune to cyber attacks and threats of hacking and data breaches. What is worse is that not only are these attacks many, they are also more complex and larger. In addition, many of them are targeted incursions on organisations for financial gain.

In a report published on Bain.com, Ali, Padmanabhan, and Dixon pointed out that the immediate consequences for a company dealing with a customer data breach can be severe. These consequences may affect a company’s image and cause a decline in sales and stock prices, as well as threat of lawsuits from customers and business partners.

As such, it is only logical that companies should ramp up their cyber security to prevent potential data leaks. “With stakes so high, CEOs and boards must begin to think about security in a new way. IT security – a task that could once be delegated to the IT staff – has become a top-level strategic issue because the consequences of failure can ruin a business. Any organization may be only a few hacks away from disaster,” the trio wrote.

To help businesses and organisations, Ali, Padmanabhan, and Dixon have come up with several recommendations to help ensure a more strategic rather than an operational approach to preventing and responding to cyber attacks.

  • Understand the organisation’s key assets and appetite for risk – Business and IT leaders should both agree on the prioritisation of digital assets (like customer data) according to their value and risk to the organisation. This will allow them to properly design technology, processes, and supporting resources that could help prevent or address vulnerabilities.
  • Identify the security risks and gaps – C-level executives and IT departments should have the same views when it comes to the company’s current security capabilities versus the perceived security risks.
  • Define the cyber security strategy – The IT department should develop a strategic and operational plan to protect digital assets. This plan should be approved by both business and IT leaders.
  • Emphasise gaps, priorities and strategy to the CEO and board – Business leaders should be made aware of security-related risks and the gaps they face to help them better understand why it is important to invest more in the company’s IT security and make it a vital part of overall business strategy.
  • Engage recognised security specialists – As attacks become more sophisticated, Ali, Padmanabhan, and Dixon agreed that organisations should work together with other cyber security experts. With their help, businesses can provide better protection for their digital assets.

Study Proves Malware Can Also Attack and Threaten Wi-Fi Networks

Over the last few years, Wi-Fi hotspots have become a common sight in many cityscapes around the world. Today, it is rare to find a coffee shop or a hangout spot that doesn’t provide its customers with complimentary Wi-Fi access. With the popularity of Internet-enabled mobile devices, such as smartphones and tablets, this is understandable. But did you know that Wi-Fi hotspots themselves can also be attacked by malware?

Researchers from the University of Liverpool have recently found that Wi-Fi is also capable of propagating malware and, what’s worse, that existing antimalware programs are ineffective against it. As part of the study, Jonny Milliken, Valerio Selis, and Alan Marshall created a piece of malware named “Chameleon.” During the course of their research, they discovered that Chameleon attacks only Wi-Fi access points; it doesn’t affect computers or mobile devices. It does so by transmitting the malcode wirelessly, which, according to experts, is something unheard of until now.

Basically, Chameleon works like this. First, the malcode locates nearby Wi-Fi access points that are unencrypted and using default Admin settings, such as public Wi-Fi. Next, it saves the targeted access point’s system settings and replaces its firmware with Chameleon. Once the Wi-Fi access point has been infected, Chameleon will configure the access point’s saved settings before moving on to other Wi-Fi networks and starting the same process all over again.

While it is true that the malware only affects Wi-Fi access points and not computers and mobile devices, unlike the computer viruses and malicious programs that exist today, it still presents a threat to online security. Based on the researchers’ study, Michael Kassner of TechRepublic.com explained that by focusing on the Wi-Fi portion of the network instead of computers and mobile devices, the malware is unlikely to be detected using current antimalware technology for the following three reasons:

  • Networking devices are not protected by onboard antimalware programs.
  • Chameleon is not revealed by Intrusion Detection Systems.
  • The number of infected devices cannot be determined using forensic methods.

Additionally, Kassner said attackers might take advantage of the opportunity and they could be “hard at work” developing something similar to Chameleon to make it much easier to spread malware and viruses in the near future, thus, further increasing the potential damage that such malware could inflict on various computing devices.

Kassner also observed how the researchers used the word “epidemiology” in their research paper. He said the way Chameleon infects Wi-Fi access points and propagates sounds “remarkably similar” to how a biological virus spreads, which is influenced by “the number of people with whom an infected person comes in contact.” This basically means that the more Wi-Fi access points the malware infects, the easier it is for the malware to spread.

While there is no currently existing technology that could eradicate malware programs that are similar to Chameleon, the researchers have offered some useful pointers on how to detect them. The research team wrote, “The work then proposes and experimentally verifies the application of a detection method for the virus. This method utilizes layer-two management frame information that can detect the attack while maintaining user privacy and user confidentiality, a key requirement in many security solutions.”
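As an added illustration (not the researchers’ detection method and not code from the original article), the example below shows one way layer-two management frame information can be checked without touching user traffic: it parses raw beacon frames and compares each access point’s beacon fingerprint with the one recorded when the device was installed. The choice of fingerprint fields (beacon interval, element order, vendor OUIs), the function names and the sample frames are assumptions constructed for this example.

```python
import struct

def parse_beacon(frame: bytes) -> dict:
    """Parse a raw 802.11 beacon (no radiotap header, no FCS)."""
    if len(frame) < 36 or ((frame[0] >> 2) & 0x3) != 0 or (frame[0] >> 4) != 8:
        raise ValueError("not a complete beacon management frame")
    interval, capab = struct.unpack_from("<HH", frame, 32)  # after 8-byte timestamp
    ssid, ie_ids, ouis, pos = "", [], [], 36
    while pos + 2 <= len(frame):
        ie_id, ie_len = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + ie_len]
        if len(body) < ie_len:
            break  # truncated element: stop instead of reading past the frame
        if ie_id == 0:
            ssid = body.decode("utf-8", "replace")
        elif ie_id == 221 and ie_len >= 3:
            ouis.append(body[:3].hex())  # vendor-specific element: keep the OUI
        ie_ids.append(ie_id)
        pos += 2 + ie_len
    return {"bssid": frame[16:22].hex(":"), "ssid": ssid,
            "encrypted": bool(capab & 0x0010),  # Privacy capability bit
            "fingerprint": (interval, tuple(ie_ids), tuple(ouis))}

def check(baseline: dict, frame: bytes) -> list:
    """Compare one observed beacon with the fingerprint recorded at install time."""
    obs = parse_beacon(frame)
    known = baseline.get(obs["bssid"])
    if known is None:
        return ["unknown BSSID"]
    findings = [] if obs["encrypted"] else ["open network"]
    if obs["fingerprint"] != known:
        findings.append("fingerprint drift")  # same SSID/BSSID, different beacon
    return findings

def build_beacon(bssid: bytes, ssid: str, interval: int, capab: int, ies: bytes) -> bytes:
    """Build a constructed test beacon; not a captured frame."""
    header = b"\x80\x00\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    fixed = b"\x00" * 8 + struct.pack("<HH", interval, capab)
    name = ssid.encode()
    return header + fixed + bytes([0, len(name)]) + name + ies

# Constructed sample data: one open hotspot, before and after its firmware changed.
BSSID = bytes.fromhex("020000000001")
RATES = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])
VENDOR = bytes([221, 4, 0x00, 0x11, 0x22, 0x01])
BEFORE = build_beacon(BSSID, "CafeGuest", 100, 0x0001, RATES + VENDOR)
AFTER = build_beacon(BSSID, "CafeGuest", 100, 0x0001, RATES)
BASELINE = {"02:00:00:00:00:01": parse_beacon(BEFORE)["fingerprint"]}
```

Calling `check(BASELINE, AFTER)` reports both the open network and the fingerprint drift, even though the SSID and BSSID are unchanged.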

Kassner also added his two cents’ worth on the matter. According to him, it helps owners of public Wi-Fi access points to understand how malware uses Wi-Fi to spread and propagate. It is also important for them to secure their Wi-Fi networks to avoid potential attacks.

As for users, the only available method to avoid Chameleon-style malware and viruses is to stay away from unencrypted Wi-Fi networks. After all, such malicious programs can only affect Wi-Fi network devices that are not using wireless encryption.