Freely subscribe to our NEWSLETTER

“Small office and home routers are the perfect gateways for cybercriminals. They can be used to install malware, launch attacks at different targets on the same connection, capture usernames, passwords and introduce JavaScript to pages that are downloaded. They are small, forgotten, but mighty in their destructive potential. We can expect to see more incidents where sophisticated forms of malware infect such devices. These forms of malware, of which VPN Filter is an example, can recruit the router as a botnet in a Denial of Service (DOS) attack, act as a point of ingress to infect devices such as laptops, smartphones and other connected ‘things’, or render an infected device permanently unusable.

“Simply put, insecure configurations or unpatched vulnerabilities could lead to enterprise networks being brought down and all the reputational damage that comes with that, or as a means of accessing consumers’ banking, address and personal information. Within networks the capabilities exist to sniff out attacks by monitoring behaviour to identify inappropriate connections. For example if a particular device that usually only talks to the webserver suddenly downloads large amounts of information from the customer database, we know something is up. However, routers are often found at the perimeter of networks. Their complex external connections mean that those behavioural patterns may not present themselves as readily.

“To fight back against threats such as these. Everyone must play their part. Manufacturers must ensure that their electronic devices are Secure by Design in order to resist compromise. Network managers must monitor their networks to spot suspicious activity before it can cause harm. And all of us must ensure that our various devices from phones to routers always have the latest updates installed.”