15 Percent of All Routers Use Weak Passwords, 20 Percent Have Open Telnet Ports

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
There's a reason why a large piece of the Internet went down last week after a DDoS attack on a key DNS service provider, and the reason is poor equipment design.

While Internet of Things (IoT) devices such as DVRs, CCTV systems, IP cameras, baby monitors, and others are to blame and have played a major role in recent DDoS attacks, there is another type of equipment that also regularly contributes to DDoS botnets.

Those devices are home (SOHO) routers, which some experts wrongfully categorize as IoT when they're just your regular networking equipment that's been around years before the concept of IoT even appeared.

You'd think that because hardware manufacturers have been building such devices for so long, they'd know how to do it by now. Unfortunately, you're wrong, because these companies put costs above everything else, and security always takes a backseat in exec boardrooms.

As such, we have millions of insecure routers all over the globe, which can easily be turned against us.

ESET scanned 12,000 routers
Slovakian cyber-security firm ESET has set out to find out how many of these routers are improperly designed. With data from 12,000 customers that have agreed to share details about their home routers, ESET paints a grim picture of the router landscape.

After performing local scans and aggregating all the details, ESET says it discovered that 15 percent of all tested routers used a weak factory-default password that can be easily brute-forced.

If that wasn't bad enough, ESET also discovered that 20 percent of the tested routers exposed their Telnet port to the Internet, which is like a big red blinking sign pointing to your router.

One in ten routers runs faulty firmware
An additional 7 percent of routers also run firmware that includes medium and high severity vulnerabilities, which attackers can exploit and take over the device.

Of these vulnerabilities, the vast majority, 53 percent, are so-called bad access rights flaws, or authentication bypasses that allow an intruder to access parts of the router's management console where he shouldn't be able to reach.

Another large chunk of flaws, 39 percent, are command injection vulnerabilities that allow an attacker the chance to execute code on the router, a situation just as dangerous as the first.

"The results clearly show that routers can be attacked fairly easily, by exploiting one of the frequently found vulnerabilities," ESET's Peter Stancik says. "This makes them an Achilles heel in the overall internet security of households, as well as small businesses."

 
L

LabZero

People do not give the right importance to the security configuration of the router, also considering that many routers have a "plug in and go" setup.
A thorough review of security settings would be very useful, but know-how is the problem.
There are two different planets: the attackers and the victims.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Misconception: Many firms, taught that they should implement security measures through internal however the usual attacks came from external.

So people should aware the available options to secure it well.
 
  • Like
Reactions: shukla44

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top