Press enter or return to search.

News

Routers: Potential Cyber Criminals’ Targets

Cyber security researchers have recently shocked businesses and consumers alike by revealing how easily routers and network devices such as NAS (network attached storage) or security cameras could be accessed from anywhere on the internet. Even more worrying is that no sophisticated software or technical knowledge is needed to compromise networks.

Search engines and online tools such as http://www.shodanhq.com can be used to expose hundreds of thousands of network devices.  These vulnerabilities are due in part by poorly written firmware and unsafe default settings for routers.

Researchers have found malware designed specifically for routers as well.  The incredible diversity of consumer routers in service today pose a problem for hackers; however, cyber criminals have worked around the problem by targeting ISP (internet service provider)-issued routers. The most remarkable piece of router malware known so far is “The Moon.”  This clever program installs itself upon compatible routers and scans for vulnerable connected devices. Security experts worry about The Moon’s potential for creating botnets, which are networks of personal computers infected with malware (often without the owners’ knowledge).

Fortunately, end users can take steps to protect themselves by taking the following steps:

(1) Change the default administrator router password: a shocking number of routers still have their default passwords (such as password)

(2) Update your router’s firmware: the latest version of your router’s firmware can be found by looking up the model of your router on the router manufacturer’s website (large consumer router manufacturers include: Asus, Netgear, Linksys, and Cisco)

(3) Ensure that anonymous access is disabled on network-attached devices (such as network-attached storage): you might have to dig around in the settings of your router or your network-attached device

(4) Disable remote management on your router: again, you might have to look through your router’s settings

(5) Password protect all devices that connect to your router, even if it’s a refrigerator or toaster.

(6) For maximum security, put your router into pin-hole mode (this blocks every port on your router by default and you can open only the services you need)

Source: http://www.pcworld.com/article/2097903/asus-linksys-router-exploits-tell-us-home-networking-is-the-vulnerability-story-of-2014.html

by Raymond Cao’17

 

Author

Comments are closed.