Even though routers are one of the key elements of cyber security, these are an ideal target for cybercriminals. If an attacker gains control of a router, they can monitor, redirect, block or otherwise tamper with a wide range of online activities.
A new research from digital security firm Avast, reveals that 32% of Indians have never logged into the web administration interface to change the factory login credentials. Another concerning finding is that nearly one fourth (23%) of Indians have logged into their router’s web administration interface, but continue to use the default login credentials their router came with. Only 44% of Indians have changed the login credentials of their router’s web administrative interface. Of those who logged into their router’s web administration interface, 65% surveyed have never updated their router’s firmware.
The research was carried out to better understand the public’s knowledge of router security which is often overlooked as people pay more attention to the devices they are using.
Late May, an estimated 700,000 routers around the world were diagnosed as vulnerable to malware with SSL stripping capabilities. Known as VPNFilter, this modular malware contains man-in-the-middle (MiTM) attack capabilities designed to inject malicious payloads into web traffic. It has the capability to scan incoming and outgoing web traffic on the user’s network to collect passwords and other sensitive information. To date, routers in 54 countries are affected, including Linksys, NETGEAR, D-Link, Huawei and Asus models.
It was also recently reported that the Satori botnet, a botnet that infects IoT devices using them to carry out DDoS attacks and to mine cryptocurrencies, is spreading by exploiting a vulnerability in D-Link DSL routers.
The research illustrates how attacks can take advantage of people’s lack of understanding of router security. Thirty-three percent of Indian consumers admitted to logging into their router’s interface once a year or less to check for updates, while 39% said they had no idea their routers even had firmware – the pre-programmed software etched into hardware which requires updating to incorporate security patches.
“An individual’s local network is only as strong as the weakest link in the chain, and more often than not it is the router that is the greatest point of vulnerability,” said Martin Hron, Security Researcher at Avast.
“The router is frequently misunderstood or overlooked, but it’s arguably the most important device as it acts as the gateway to the internet. By connecting multiple devices and allowing them to share data with one another while managing incoming and outgoing web-traffic, it’s a natural target for bad actors who are intent on gathering sensitive personal information, such as bank login details, and exploiting the devices paired to it, such as IoT devices. As a bare minimum, people should be changing the default usernames and passwords on their routers as soon as they’re installed, and proactively check for firmware updates.”