Poor Router Security is Making Indians Vulnerable to Cyberattacks

By SiliconIndia   |   Tuesday, 24 July 2018, 06:09 Hrs
cmt right
Comment Right
cmt right
cmt right
Printer Print Email Email

New research from Avast, the global leader in digital security, reveals that 32 percent of Indians have never logged into the web administration interface to change the factory login credentials. Another concerning finding is that nearly one fourth (23 percent) of Indians have logged into their router?s web administration interface, but continue to use the default login credentials their router came with. Only 44 percent of Indians have changed the login credentials of their router?s web administrative interface. Of those who logged into their router?s web administration interface, 65 percent surveyed have never updated their router?s firmware.

The research was carried out to better understand the public?s knowledge of router security which is often overlooked as people pay more attention to the devices they are using.

Late May, an estimated 700,000 routers around the world were diagnosed as vulnerable to malware with SSL stripping capabilities. Known as VPNFilter, this modular malware contains man-in-the-middle (MiTM) attack capabilities designed to inject malicious payloads into web traffic. It has the capability to scan incoming and outgoing web traffic on the user?s network to collect passwords and other sensitive information. To date, routers in 54 countries are affected, including Linksys, NETGEAR, D-Link, Huawei and Asus models.

It was also recently reported that the Satori botnet, a botnet that infects IoT devicesusing them to carry out DDoS attacks and to mine cryptocurrencies, is spreading by exploiting a vulnerability in D-Link DSL routers.

The research illustrates how attacks can take advantage of people?s lack of understanding of router security. Thirty-three percent of Indianconsumers admitted to logging into their router?s interface once a year or less to check for updates, while 39 percent said they had no idea their routers even had firmware - the pre-programmed software etched into hardware which requires updating to incorporate security patches.

?An individual?s local network is only as strong as the weakest link in the chain, and more often than not it is the router that is the greatest point of vulnerability,? said Martin Hron, Security Researcher at Avast.

?The router is frequently misunderstood or overlooked, but it?s arguably the most important device as it acts as the gateway to the internet. By connecting multiple devices and allowing them to share data with one another while managing incoming and outgoing web-traffic, it?s a natural target for bad actors who are intent on gathering sensitive personal information, such as bank login details, and exploiting the devices paired to it, such as IoT devices. As a bare minimum, people should be changing the default usernames and passwords on their routers as soon as they?re installed, and proactively check for firmware updates.?

Read more news:

How Google Glass-based solutions can empower autistic people in India?

Wipro opens third industrial
IT major Wipro Ltd on Thursday opened its centre of excellence for Industrial Internet of Things (..
Google's Gboard gets offline
Google is adding an Artificially Intelligent (AI) offline dictation feature on its Gboard keyb..
Facebook denies cyber attack
Facebook ruled out a cyber attack on its products Whatsapp, Instagram and Messenger, which suf..
IBM announces programme
n a bid to recognise the contribution of developers in the open source community, Information ..