Actu
Kaspersky comment: Vulnerabilities found in wifi-routers
May 2021 by David Emm, Principal Researcher at Kaspersky’s Global Research and Analysis Team (GReAT)
Consumer watchdog ‘Which?’ recently examined 13 Wi-Fi router models, provided by major names such as Sky, EE and Virgin Media, and found that almost two-thirds had significant cybersecurity flaws, putting millions at risk.
These flaws come in the form of weak default passwords, network vulnerabilities which could concede full control to hackers, and lack of firmware updates from as far back as 2018.
David Emm, Principal Researcher at Kaspersky explain:
“With the number of smart and connected devices in the home today, a breach into a home network could allow hackers to mine for personal data, extort money, and even physically break into your home by shutting down alarm systems and opening doors by wireless access. On top of this, a compromised router could be used by criminals as part of a DDoS (distributed Denial of Service) attack against an online resource or simply to mask the origins of their illegal activity.
“Some manufacturers of routers already ship devices with a unique key – which is something that all manufacturers, regardless of where they are based, should be doing as an elementary security measure. However, until all vendors do this, consumers must get into the habit of changing default passwords immediately, to ensure their router is not open to attack by anyone who knows the default password used by the manufacturer. Consumers should also check that devices can be updated, to reduce vulnerabilities that criminals can exploit, and ensure that encryption is enabled on routers. It’s also important that they enable encryption on the device – ideally WPA2 encryption.”
