80% of Best-Selling Wireless Routers Have Security Vulnerabilities
A new report claims that four out of five of the top 25 best-selling routers on Amazon have security vulnerabilities.
The report, from security firm Tripwire, goes on to say that 34% of the affected models are vulnerable to publicly documented exploits, which make it extremely easy for any criminals who wanted to hack into the networks using those routers.
Routers are an ideal target for cyber-criminals because they can be used to "eavesdrop" on any traffic sent to and from the network. "After an attacker has gained control of a router, they are able to monitor, redirect, block or otherwise tamper with a wide range of online activities," Tripwire said.
Tripwire's Vulnerability and Exposure Research Team (VERT) has analysed the security provided by the most popular wireless routers used in many small and home offices and the researchers found that as well as taking advantage of security vulnerabilities with the routers themselves, human error and failure to take even the most basic security measures can cause security problems too.
The report claims that 30% of IT professionals and 46% of employees do not change the default administrator password on wireless routers. This means that with access to the configurations device, attackers can easily compromise any similar router.
Craig Young from Tripwire said: "Unfortunately, users don't change the default administrator passwords or the default IPs in these devices and this behaviour, along with the prevalence of authentication bypass vulnerabilities, opens the door for widespread attacks through malicious web sites, browser plugins, and smartphone applications."
The report also find that high percentages of administrators and employees use the inseucre WPS standard which makes it simple for attackers to discover a router's encryption passphrase, regardless of its complexity or strength.
The Moon
The report from Tripwire comes in the same week as a report from the Internet Storm Center warned of a continuing attempt to exploit a vulnerability in 23 separate routers made by Linksys.
Once the virus - known as The Moon - takes control of the router it can scan other devices connected to it for vulnerabilities.
So far, researchers are unable to say why these routers have been compromised, but there are indications that the criminals behind The Moon virus could create a network of compromised machines, known as a botnet.
Linksys has said that only routers with the Remote Management Access option turned on will be vulnerable, and turning off the router and disabling the option should clear the virus from the machine.
© Copyright IBTimes 2024. All rights reserved.