Beware! There are serious safety breaches in home routers. 15 percent of routers are only protected with a weak password and the default username “admin”. A comprehensive test by the security experts from security software maker ESET, have now found in a comprehensive test.
12,000 routers were examined anonymously and the result is frightening. In addition to the many routers that lack a secure password, almost seven percent of the routers have a security vulnerability in the software. This makes the routers a gateway for hackers.
Security gap leads to hacker espionage
The problem with the router is vulnerability: attackers can access using the device’s firmware. The router still works, but hackers and other unwanted properties are hiding in the background.
The hackers can spy on un-encrypted data traffic. And not just from the device to the Internet. Also from device to device within the house. Even the user’s browser sessions can be manipulated by redirecting malicious websites.
Arbitrary commands to the operating system
According to ESET, about 40 percent of vulnerabilities are attributed to security gaps in command input.This allows arbitrary commands to be executed on the operating system of the computer.
In addition, cross-site scripting (XSS) made up ten percent of software vulnerabilities. XSS refers to the exploitation of a security gap. In doing so, untrustworthy information is inserted from one context into another, and so is classified as trustworthy. This is particularly tricky, as the attackers can change the settings of the router to perform damaged scripts.
Loop holes for hackers also provide open network ports, since they port holes in the firewall and open the door for hackers. When examining these network ports, ESET found out that 20 percent of the evaluated routers were vulnerable.
How do you close the security gap in the router?
We have some tips for you on how to close the security holes in the router and protect your router against attacks:
- Administrator Password : The password code that is supplied in the settings menu as default by the manufacturer is often the same. The password protection, on the other hand, is not activated at all. Here you have to set an individual, secure password. How to create a very secure password that is still easy to remember.,
- Remote maintenance : You should turn this function off in the settings. If you can configure the router out of the home network, this should be enough.
- Encryption : Many devices have factory unprotected wireless networks. You should definitely choose a corresponding safety standard.
- WLAN password : Preset wireless passwords are often uncertain. Choose your own and secure password.
- Guest-Fi : Most routers can build a second wireless network. With a guest WLAN you can separate devices and users from the rest of the network, if they are not trustworthy. Of course, you also have to secure the guest WLAN properly.
Regular router updates must not be neglected
You should never neglect regular security and firmware updates for your router. Also, you can scan your home network with a new feature of ESET and make it more secure. Malicious settings detect the feature and the security hole are closed.