According to an analysis conducted by Kaspersky, over 500 vulnerabilities were discovered in routers in 2021, included 87 critical
Τrouters are required for connections Wi-Fi, as millions of new devices are installed daily in homes and workplaces. Threats from vulnerable routers affect both households and organizations, as they are not limited to email breaches and may even affect the physical security of the home.
However, people rarely think about the security of their devices. According to research, the 73% users has never considered upgrading or securing their router, making it one of the biggest threats to Internet of Things today. Here, its experts Kaspersky explain what threats the router vulnerabilities can be and how users can be protected.
The router is the node of an entire home network, through which all the components of a "smart" home have access to the internet and exchange data. By infecting the router, attackers gain access to the network through which data packets are transmitted. Using this, they can install malware on connected computers to steal sensitive data, private photos or business files - possibly causing irreparable harm to the victim.
Through the infected router, the attacker can also redirect users to pages Phishing "disguised" as frequently used webmail or online banking services. Any data they enter on these pages, whether it is their login and password via email or bank card details, will immediately fall into the hands of fraudsters.
Since 2010, the number of vulnerabilities detected in routers has been steadily increasing. In 2020, the number of vulnerabilities discovered increased to 603, about 3 times more than the previous year. In 2021, the number of vulnerabilities discovered remained almost as high - 506. Of all the vulnerabilities discovered in 2021, 87 were critical. Critical vulnerabilities are the most vulnerable "holes" through which an attacker can penetrate a home or corporate network.
Such vulnerabilities can allow an attacker to bypass authentication, send remote commands to a router, or even disable it. This way, operators can steal data or files that are transmitted through an "infected" network, whether it is personal photos, private information or even business contracts that are sent via email.
Although researchers are now raising awareness about many more vulnerabilities found than in the past, routers remain one of the most insecure devices. One of the reasons for this is that not all sellers are in a hurry to eliminate the risks. Nearly a third of the critical vulnerabilities discovered in 2021 remain unanswered by vendors: no patches or annotations have been issued with advice from them. One more 26% received only one comment from the company, which, in most cases, includes recommendations for contacting technical support.
In addition to the increased activity of attackers, consumers and small businesses do not have the know-how or resources to detect or understand a threat before it is too late. For example, as mentioned, the 73% users has never considered upgrading or securing their router, making it one of the biggest threats affectingInternet of Things»Today. This is especially dangerous when routers are used in sensitive environments, such as hospitals or government buildings, where a data leak could have a potentially serious impact.
Therefore, the risk of cybercriminals abusing the router's vulnerabilities remains a concern in 2022. What is important is to prevent a threat as early as possible, as people usually detect an attack when it is too late - since they already have the money stolen
. When buying a router, network security should be as much a priority as data transfer speed and price. Read reviews and note how quickly the manufacturer resolves reported issues. And don't forget to update your router once the developer releases a patch to avoid losing sensitive data and money. , comments Maria Namestnikova , Head of Kaspersky 's Russia Global Research and Analysis Team (GReAT).
To protect your router from cybercrime attacks, Kaspersky recommends:
- Buying second-hand smart devices is an unsafe practice. Their firmware could have been modified by previous owners to give a remote intruder full control of your "smart" home.
- Do not forget to change the default password. Prefer a composite and change it regularly.
- Do not share serial numbers, IP addresses or other sensitive information about your "smart" devices on social networks.
- Use WPA2 encryption - it is the most secure for data transfer.
- Disable remote access to router settings. If remote access is still required, you should turn it off when not in use.
- For added security, you can select a static IP address and turn off DHCP, as well as protect Wi-Fi with a MAC filter. These steps lead to the need to manually configure the connection of various additional devices to the router, so that the process becomes longer and more complicated. However, it will be much more difficult for an attacker to penetrate the local network. Be aware and always check for the latest information on router vulnerabilities discovered.
- Once you have decided to purchase a particular application or device, make sure you stay up to date with updates and vulnerabilities. Install all the updates released by the developers in a timely manner.
- Consider installing a special security solution that can help protect your home network and all connected devices.
Press Release
Do not forget to follow it Xiaomi-miui.gr on Google News to be informed immediately about all our new articles! You can also if you use RSS reader, add our page to your list by simply following this link >> https://news.xiaomi-miui.gr/feed/gn
Follow us on Telegram so that you are the first to learn our every news!
