Many Popular Routers Can Easily Be Hacked
One might reasonably expect routers to be bastions of security, but in reality, they're quite easy to attack. A study from the Independent Security Evaluators website determined that 13 of the most popular small office/home office (SOHO) routers contained vulnerabilities that made hacking anywhere from feasible to effortless.
Researchers evaluated the Linksys WRT310Nv2, Belkin F5D8236-4 v2, Belkin N300, Belkin N900, Netgear WNDR4700, TP-Link WR1043N, Verizon Actiontec, D-Link DIR-865L and five other routers yet to be revealed. They then assessed each router based on attacks from a Remote Adversary (an attacker anywhere on the Web) or a Local Adversary (an attacker logged into the network).
Each router earned a rating based on which kind of attacks it allowed: "Trivial" attacks can occur without any action on the user's part. "Unauthenticated" attacks require a user to click on a malicious link, but do not require access to the router's login information. "Authenticated" attacks require a hacker to know the router's credentials (although this is not uncommon, since many users never change their default settings).
The findings indicate that no router is perfectly safe, and a few are downright vulnerable. All 13 routers are vulnerable to local network attacks, and 11 of them are susceptible to Web attacks. Two of them allowed Unauthenticated online attacks, and four routers earned an ignominious Trivial rating over a local network.
This is not the first time that a Linksys router has come under fire recently. Last week, independent researcher Phil Purviance discovered a significant flaw in the consumer-grade N600 router.
Of the named routers, the Belkin N300 and Belkin N900 were the most unsafe, both allowing Trivial, Unauthenticated and Authentic attacks locally, and Unauthenticated and Authentic attacks remotely. One other router allowed Trivial local hacks, but ISE has not yet revealed which one.
The Netgear WNDR4700 had a spotless remote record, but fell down completely in local rankings, allowing all three rankings of potential hacks. Otherwise, routers performed similarly, allowing only Authenticated attacks both locally and remotely. [See also: 6 Ways to Get a Stronger Wi-Fi Signal at Home]
End-users don't have many options at their disposal to deal with these issues. As with any device, keeping the firmware up to date and changing the default username and password will lock out the vast majority of attacks. ISE also recommends disabling remote administration, logging out and clearing cookies after each router login and (of course) avoiding suspicious links.
Hacks in SOHO routers are also not as common as you might think. SOHO users are, essentially, members of everyday private Wi-Fi networks. These networks do not present attractive targets for hackers, since big businesses promise more tempting rewards.
If you're a network administrator in a small business, keep tabs on who logs into your network. Beyond that, keep an eye out for your current router's next firmware update, and be sure to research the security parameters on your next one.