IBM X-Force warns that router passwords need to be changed.
Attackers are in an ideal position to compromise networks thanks to supposedly secure devices protected by default credentials. That’s according to a new report by threat intelligence experts at IBM’s X-Force unit, which warns that a reality check on routers is needed after research revealed that 86% of routers still use administrator credentials by default. Here’s what you need to know and do.
A Router Reality Check Can Protect You From Hacking Attacks
As I reported at the time, researchers at Broadband Genie recently revealed that 86% of people had not changed their router’s administrator credentials from the factory default settings. Never. Why is this a problem? Well, that means I probably know your admin credentials. By this, I don’t just mean “administrator” and “password”, as one might expect. Any half-savvy hacker knows how easy it is to find specific default credentials for almost any make and model of router. There are even search engines dedicated solely to this task. But it’s even worse. Broadband Genie also reported that 56% of internet users have never reconfigured the router’s default settings. None. 89% had also never updated router firmware. Leaving any newly discovered vulnerabilities there as they were in the factory. All of this explains why IBM’s X-Force threat intelligence analysts issued a router reality check warning. “Why spend the time and effort creating phishing emails and stealing personnel data,” said Doug Bonderud, writing on the IBM X-Force Security Intelligence blog, “when supposedly secure devices are accessible using administrator and password as credentials?”
The Growing Risk of Router Attack
Warning of the growing risk of router attacks, Bonderud said attackers who manage to compromise routers can control incoming and outgoing network data, introducing risks including redirecting users to malicious web pages, the ability to execute data from the attacker in the middle. theft attacks, exploiting distributed denial of service attacks as part of a larger botnet of compromised routers such as Matrix, and monitoring user behavior. “The nature of attacks on routers also makes them difficult to detect,” Bonderund warns, “because cybercriminals do not break into routers or take circuitous routes to evade security defenses.”
In my last report on the dangers of default router credentials, Broadband Genie’s resident broadband expert Alex Toft said that leaving the password default is the easiest way for someone to ‘access your router, and this represents “an open invitation for nefarious characters to snoop and take what’s yours.” The fact is that this is not a difficult thing to mitigate, because if you choose a strong enough password, there is absolutely no need to change it again unless you have reason to believe that it has been compromised. You can use a password manager to create such a password and store it securely. So remembering it when you need to use it is no problem.