Number: IRCNE2013041819
Date: 2013/04/18
According to “cnet”, the Wi-Fi router you use to broadcast a private wireless Internet signal in your home or office is not only easy to hack, says a report released today, but the best way to protect yourself is out of your hands.
The report, written by research firm Independent Security Evaluators of Baltimore, found that 13 of the most popular off-the-shelf wireless routers could be exploited by a "moderately skilled adversary with LAN or WLAN access." All 13 routers evaluated can be taken over from the local network, with four of those requiring no active management session. Eleven of the 13 can be taken over from a Wide-Area Network (WAN) such as a wireless network, with two of those requiring no active management session.
The report notes that all 14 of the devices had critical security vulnerabilities that could be exploited by a "remote adversary" and could lead to unauthorized remote control of the router.
Harrington further explained why router hacking could turn into a big problem. "What's notable about this is that if you compromise the router, then you're inside the firewall. You can pick credit card numbers out of e-mails, confidential documents, passwords, photos, just about anything," he said.
"We notified all vendors about all vulnerabilities that we found," said ISE security analyst Jake Holcomb. "We're in the process of receiving Common Vulnerability and Exposure (CVE) numbers" for tracking information security vulnerabilities.
- 2