Wi-Fi Protected Setup (WPS), an industry-standard feature on wireless routers marketed to consumers and small businesses, is vulnerable to a simple “brute force” attack. Free tools are already available to gain access to these routers. Making matters worse, it has been discovered that some router brands do not allow WPS to be disabled, making it impossible to secure those routers at this time. Many healthcare providers use this low-cost, consumer-grade equipment with WPS in their facilities.
WPS is a feature invented by the wireless industry to ease the setup process for people lacking technical expertise. The intent is to help people easily enable encryption features for greater security and protection. In an ironic twist, a feature to improve security has become a vulnerability.
The techniques to hack WPS were first published by researchers in late 2011. Now people with little expertise can use free, open source tools to hack these routers. It turns out that the brute force attack is much simpler than the architects of WPS intended: due to poorly implemented standards, it requires only about 10,000 combinations to find the PIN. The attack has been demonstrated against routers from multiple vendors in as little as 4 hours. Some vendors have implemented mandatory wait periods between unsuccessful guesses, which significantly increase the time required beyond 4 hours.
While access to the router does not by itself provide access to protected health information, which is presumably protected by other layers of security, it does provide improved access to the organization’s network from which to conduct other attacks. These attacks may identify other vulnerabilities and result in breaches.
Organizations are advised to consult with the manufacturers of their routers regarding this vulnerability for security advice. In some cases, a firmware upgrade will be necessary to disable WPS.
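To confirm that WPS is really off after a settings change or firmware upgrade, an organization can check whether its own access points still advertise WPS in their beacons. The following is an added example, not part of the original article: it assumes scan text in the layout printed by the Linux `iw dev <iface> scan` command, and the BSSIDs, SSIDs and the `audit_wps` function name are constructed for illustration.

```python
import re
# Constructed sample in the layout of `iw dev <iface> scan` output (not a real capture).
SAMPLE_SCAN = """\
BSS 02:00:00:00:00:01(on wlan0)
\tSSID: clinic-frontdesk
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * AP setup locked: 0x01
\t\t * Config methods: Label, PBC
BSS 02:00:00:00:00:02(on wlan0)
\tSSID: clinic-imaging
\tRSN:\t * Version: 1
BSS 02:00:00:00:00:03(on wlan0)
\tSSID: clinic-guest
\tWPS:\t * Version: 1.0
\t\t * Wi-Fi Protected Setup State: 2 (Configured)
\t\t * Config methods: Label, Display
"""
BSS_RE = re.compile(r"^BSS ([0-9a-fA-F:]{17})")


def audit_wps(scan_text, managed_bssids):
    """Return {bssid: details} for managed APs that still advertise WPS."""
    managed = {b.lower() for b in managed_bssids}
    report, bssid = {}, None
    for line in scan_text.splitlines():
        m = BSS_RE.match(line)
        if m:  # start of a new AP record
            bssid = m.group(1).lower()
            if bssid in managed:
                report[bssid] = {"ssid": None, "wps": False, "locked": False, "methods": []}
            continue
        entry = report.get(bssid)
        if entry is None:
            continue  # AP is not ours, or text before the first record
        field = line.strip().lstrip("* ").strip()
        if field.startswith("SSID:"):
            entry["ssid"] = field[5:].strip()
        elif field.startswith("WPS:"):  # WPS element present in the beacon
            entry["wps"] = True
        elif field.startswith("AP setup locked:"):  # AP reports its WPS setup as locked
            entry["locked"] = field.split(":", 1)[1].strip() == "0x01"
        elif field.startswith("Config methods:"):
            entry["methods"] = [x.strip() for x in field.split(":", 1)[1].split(",")]
    return {b: e for b, e in report.items() if e["wps"]}

if __name__ == "__main__":
    for ap, details in audit_wps(SAMPLE_SCAN, ["02:00:00:00:00:01", "02:00:00:00:00:03"]).items():
        print(ap, details)
```

An access point that still appears in the result after WPS was switched off in its admin interface is a candidate for the firmware upgrade or manufacturer consultation recommended above.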