Attackers are in the perfect position to compromise networks thanks to supposedly secure devices being protected with default credentials. That’s the takeaway from a new report by threat intelligence experts at IBM’s X-Force unit that warned a router reality check is needed after research revealed that 86% of routers are still using the default admin credentials. Here’s what you need to know and do.
A Router Reality Check Can Protect You From Hack Attacks
As I reported at the time, researchers at Broadband Genie recently revealed that 86% of people had not changed their router admin credentials from the out-of-the-box factory defaults. Ever. Why is this a problem? Well, it means that I likely know what your admin credentials are. By this, I don’t mean just “admin” and “password,” as you might expect. Any half-savvy hacker knows how easy it is to find specific default credentials for almost any make and model of router. There are even search engines devoted to just this task. But it gets worse. Broadband Genie also reported that 56% of internet users had never re-configured any of the default router settings. None. 89% had never updated the router firmware either, leaving any newly found vulnerabilities right there, as they were in the factory. All of which explains why IBM’s X-Force threat intelligence analysts have issued the router reality check warning. “Why put the time and effort into creating phishing emails and stealing staff data,” Doug Bonderud, writing at the IBM X-Force Security Intelligence blog, said, “when supposedly secure devices can be accessed using admin and password as credentials?”
The Rising Risk Of Router Attack
Warning of the rising risk of router attack, Bonderud said that attackers who manage to compromise routers can control inbound and outbound network data. The risks this introduces include the redirection of users to malicious web pages; the ability to execute attacker-in-the-middle data-stealing attacks; exploitation in distributed denial of service attacks as part of a larger botnet of compromised routers, such as the Matrix; and the monitoring of user behavior. “The nature of router attacks also makes them hard to detect,” Bonderud warned, “this is because cyber criminals aren’t forcing their way into routers or taking circuitous routes to evade security defenses.”
In my last report on the dangers of router credential defaults, Alex Toft, Broadband Genie’s resident broadband expert, said that leaving the password as the default is the easiest way for someone to gain access to your router, and it represents “an open invitation to nefarious characters to snoop around and take what’s yours.” The point is that this isn’t a difficult thing to mitigate because if you choose a suitably strong password, there’s absolutely no need to change it again unless you have reason to believe it has been compromised. You can use a password manager to both create such a password and store it securely, so remembering it when you need to use it is not an issue.