Internet routers: New front in fight against cybercrime

A technician installs home internet.

A technician installs home internet.

Photo credit: Shutterstock

The router you use to connect to the internet could be exposing you to cyberattacks by hackers who will not only affect your work at home or organisation but can also move beyond email compromises to physical home security.

This is according to the latest analysis conducted by global cybersecurity company, Kaspersky, that established over 500 vulnerabilities, out of which 87 were flagged as critical vulnerabilities, in routers in 2021.

The study found that a whopping 73 per cent of users never thought about upgrading or securing their router making it one of the biggest threats impacting the Internet of Things today.

Critical vulnerabilities are the gateway through which an intruder can penetrate a home or corporate network. They make the router much easier to hack, which gives the opportunity to get round password protection features (such as Captcha or a limited number of login attempts), run third-party code, bypass authentication, send remote commands to the router or even disable it. Operators are able to steal any data or files transmitted over an infected network, whether it’s your personal photos, private information, or even business contracts sent in an email.

So serious is this issue that, early this year, an American security researcher, identified only as PX4, effectively cut off the whole North Korea from the internet by exploiting unpatched vulnerabilities in critical routers and other network equipment.

Such actions are especially dangerous when routers are used in sensitive environments such as hospitals or government buildings, where a data leak could potentially have a severe impact.

Though researchers are now raising awareness about many more vulnerabilities than before, routers remain one of the most insecure devices. Unfortunately, not all vendors are rushing to fix even critical vulnerabilities with almost 30 per cent of the identified 87 critical vulnerabilities published in 2021 still remaining unpatched and unreported by the vendor.

Another 26 per cent of such vulnerabilities received only a comment from the company, which most often include recommendations to contact technical support.

By infecting a router, attackers gain access to the network through which data packets are transmitted. They can install malware on connected computers to steal sensitive data, private photos, or business files.

Hackers can also redirect users to phishing pages masquerading as often-used webmail or online-banking sites. Any data they enter on these pages, whether it’s their login and password from the email or bank card details, will immediately fall into the hands of fraudsters.

Since 2010, the number of vulnerabilities found in routers has been steadily increasing. In 2020, they increased to 603, about thrice as many as 2019. In 2021, the number of discovered vulnerabilities remained almost as high (506). Despite increased attacks, consumers and small businesses don’t have the expertise or resources to identify or understand a threat before it’s too late.

Maria Namestnikova, head of the Russian Global Research and Analysis Team at Kaspersky noted that, despite the speed with which technology is coming into our lives, the level of cybersecurity hasn’t kept pace. She also pointed out that many employees have been working from home for the past two years, but the security of routers has not improved and are rarely updated.

“The risk that router vulnerabilities could be abused by cybercriminals remains a concern in 2022. What’s important is to prevent a threat as early as possible, since people usually find out about an attack when it’s too late,” she said.