Researchers they discovered 125 security vulnerabilities in 13's popular SOHO router and NAS devices, making these models vulnerable to remote attacks and thus endangering millions of users.
The research by Independent Security Evaluators (ISE), an independent security consulting firm, ranged from widely used models to high-end enterprise-grade devices, with the focus being primarily on devices from well-known and trusted manufacturers.
Each of the 13 devices was found to contain at least one security vulnerability in the Web Application, which could be used by an intruder to gain remote access to the device or control panel, and from there, to further attacks within a home or corporate network.
Gaps in authentication and authorized access issues were also identified. ISE reported the research findings to the manufacturers, some of whom rushed to fix the problems, but some did not respond in time.
These findings show that routers can be attacked fairly easily, making them the Achilles' heel of overall Internet security. For this reason, and regardless of the model used, ESET recommends that each user take some time and check five key points in a router's security.
Password. Many users are not in the process of changing it password when installing the router on the network, however, the pre-installed codes of all the router can be easily found with a simple web search. For this reason, strong usernames and usernames need to be changed and used.
Creating separate networks. Most modern routers offer the ability to create separate network for each purpose, while some models have firewalls that allow you to analyze incoming and outgoing traffic and determine which connections are allowed. These functions can separate the most 'sensitive' devices or isolate some of the rest of the network.
Disable unused services and features. If remote access to the network is not necessary, secure protocol management services (SSH, HTTPS) and disabling any unused function, as well as disconnecting all connected devices such as camera, microphone, etc. This closes the backdoors to hackers and nosy neighbors.
Regular check. In order to be able to detect unusual behavior or detect a potential intruder, the network owner must be constantly able to identify how many and to which devices they are connected, which is achieved if there is little time for verification at regular intervals.
Update firmwareOn the router, as with most IoT devices, its updates operating system they don't happen automatically, so the user needs to know the router model and firmware version to visit the manufacturer's site and check if there is an update to install.