Wi‑Fi security – routers “like fish in a barrel”

Researchers flexed their hacking muscles at DefCon 22 to hunt the technology world’s most defenceless beasts - routers. More than a dozen new vulnerabilities were found.

Researchers flexed their hacking muscles at DefCon 22 to hunt the technology world’s most defenceless beasts – routers. More than a dozen new vulnerabilities were found.

Researchers flexed their hacking muscles at DefCon 22 for a hunting competition against the technology world’s most defenseless beasts – routers. Sure enough, more than a dozen new vulnerabilities were found.

PC World described the devices – the portal into most home networks – as “insecure as ever” as hackers romped through challenges against big-brand devices from Linksys, Netgear, D-Link, Belkin and others.

Once again, the routers proved weak foes – with more than a dozen new vulnerabilities found at the DEF CON 22 competition, according to ISP Review.

The SOHOpelessly Broken contest challenged researchers to crack into routers with zero-day attacks, and extract information from others. In total, 15 new flaws were found – eleven by one researcher.

Routers have come under scrutiny from security researchers in the past year, after a series of demonstrations showed ways to break into the devices.

Wi-Fi security: ‘Hopelessly broken’

Many popular models of wireless router from brands such as Linksys and Netgear were vulnerable  to a ‘backdoor’, which could allow attackers access to the router’s admin controls, according to a report by Ars Technica – offering full access to the network.

The backdoor, in various models of wireless DSL router, could allow an attacker to reset the router and, “commandeer a wireless access point and allow an attacker to get unfettered access to local network resources,” Ars reported. “The backdoor requires that the attacker be on the local network, so this isn’t something that could be used to remotely attack DSL users.”

The report follows the discovery of a serious “backdoor” vulnerability in various D-Link models. Another report suggested a majority of the top-selling routers on Amazon had known vulnerabilities.

The SOHOpelessly Broken contest aims to highlight these flaws. The Electronic Frontier Foundation hopes to create open-source firmware for routers which will offer increased security.

“By demonstrating that the issues persist and that consumers are still exposed, pressure will be applied to the manufacturers to take the necessary action to better protect their customers who are currently not empowered to protect themselves,” says Steve Bono, founder of ISE (Independent Security Evaluators).

Routers often have low profit margins, and thus are shipped with known vulnerabilities, particularly the cheaper models known as small office/home office routers, ISE claims.

 Wi-Fi attacks: Fighting back

Even normal home routers don’t have to be totally defenseless: ESET offers a video guide, and rule one is “change that password.” If it’s ‘password’, your neighbor can get in, never mind criminals.

Failings by IT staff worsen these risks, the report found, according to Infosecurity Magazine‘s report. A study of 653 IT and security professionals and 1,009 remote workers found that 30% of IT professionals and 46% of remote workers do not change default passwords on their routers, and that nearly half of workers polled use WPS, an insecure standard that makes it easy for criminals to ‘crack’ passwords.

But simply changing your username is a first step: ESET Senior Research Fellow David Harley says that users should always, “Change default router administrator usernames and passwords, and change the default SSID.”

The SSID is the name of the network – which is broadcast to anywhere within Wi-Fi range. Leaving it as a default can broadcast information that is useful to an attacker – such as the model of router you are using, or whether you are using one supplied by your ISP. When choosing a new network name, avoid any personally identifying information such as your name or house number.

It’s worth considering making yours a “hidden network” – disabling the broadcast of the SSID’s name. That way you’re less visible to attackers – and to connect new devices, simply type in your network’s name on the gadget.

Harley warns that these precautions can be wasted if your router’s software is updated – which can occasionally revert settings to the default. “After any update, check these settings have not reverted,” he says.


Sign up to receive an email update whenever a new article is published in our Ukraine Crisis – Digital Security Resource Center