Search in blog
How to use PrivateRouter's app with a DDWRT Router2558 viewsHow to use PrivateRouter's app with a DDWRT RouterRead more
Today is not a good day to be a SOHO WiFi router user – especially if your small home or home office router or network attached storage device is manufactured by Zyxel, ASUS, Buffalo, Seagate, or Netgear. An investigation conducted by ISE researchers found hundreds of vulnerabilities on 13 separate devices tested in search of flaws. Your brand may be affected, and a lack of proper security protocols may leave you vulnerable.
Who is ISE?
ISE, or Independent Security Evaluators, is a group of dedicated, non-biased independent researchers in Baltimore, Maryland who aim to help businesses and households keep themselves safe online. ISE works with companies who wish to fortify themselves against looming cybersecurity threats. ISE are essentially tech detectives with the brains of brilliant hackers. They pick apart devices and test them to find their weak points, release their findings to the manufacturers, and inform the public of their discoveries.
What Did Their Tests Show?
This test included over a dozen unmodified SOHO routers and network attached storage devices of common, popular makes and models. Many people use the affected devices at home, at work, or both.
Every device contained at least one vulnerability that could theoretically allow a hacker to remotely access the device or its admin panel. The most common vulnerabilities reported left the devices open to SQL injection attacks, cross-site scripting, and operating system command injection. These are all fairly simple for an experienced hacker. If someone really wants to see what you’re doing, they’re going to be able to gain access to your network.
ISE reached out to the manufacturers of the affected devices. Some responded, and others have not. It’s not always wise to rely on your device manufacturer to protect you. Groups like ISE often reach out and never receive acknowledgement of their findings. Some companies never release patches or fixes for glaring vulnerabilities. This leaves the burden of security and establishing privacy on the consumer.
Conclusion: Keeping Yourself Safe
Even if your device wasn’t found to contain a vulnerability, that doesn’t mean you’re free and clear forever. ISE doesn’t have the resources and manpower to test every single router and network attached storage device known to man. If your device doesn’t have any known vulnerabilities, you should still treat it like it does. It’s better to be safe than sorry – especially when loads of sensitive data is on the line.
Never use default passwords for any devices. This should be common knowledge at this point, but many people who set up devices on their own often forget to change their passwords to something lengthy and difficult.
The next smart step to take is to switch to a VPN router. VPN routers make your connection harder to intercept, interpret, or understand. If every device in your home is connected to a VPN router, it will be much harder (if not outright impossible) for someone to intercept any information or otherwise obtain unauthorized access to your network.