The Wi-Fi router you use to broadcast a private wireless Internet signal in your home or office is not only easy to hack, says a report released today, but the best way to protect yourself is out of your hands.
The report, written by research firm Independent Security Evaluators of Baltimore, found that 13 of the most popular off-the-shelf wireless routers could be exploited by a "moderately skilled adversary with LAN or WLAN access." It also concludes that your best bet for safer Wi-Fi depends on router vendors upping their game. All 13 routers evaluated can be taken over from the local network, with four of those requiring no active management session. Eleven of the 13 can be taken over from a Wide-Area Network (WAN) such as a wireless network, with two of those requiring no active management session.
My router's not safe? Really?
"It is not a safe assumption to make that you're safe," Steve Bono, the company's CEO and principal security analyst, told CNET in a phone interview.
The report notes that all 14 of the devices had critical security vulnerabilities that could be exploited by a "remote adversary" and could lead to unauthorized remote control of the router.
Before you dismiss router hacks as exceptionally rare, it's important to note that they've been a small but growing segment of computer security threats. In 2011, one firmware vulnerability affecting six hardware manufacturers combined with two malicious scripts and 40 malicious DNS servers to attack 4.5 million Brazilian DSL modems, with the goal of stealing bank and credit card information.
Craig Heffner, a vulnerability analyst at Maryland-based Tactical Network Solutions, said that he isn't familiar with the Brazil story but isn't surprised by it. "In a lot of countries, there's only one or two ISPs, and you get whatever router they give you," he said. "They often enable remote administration by default, so any vulnerability would be amplified."
And just yesterday, ReadWrite reported on wireless router hacking, based in part on research conducted by security firm Rapid7. ISE's study, while similar, reports "all-new findings," said ISE's marketing head, Ted Harrington.
Harrington further explained why router hacking could turn into a big problem. "What's notable about this is that if you compromise the router, then you're inside the firewall. You can pick credit card numbers out of e-mails, confidential documents, passwords, photos, just about anything," he said.
He added that ISE plans to release additional information from the study in the coming weeks, following the routine security community best practice of giving vendors a chance to respond to vulnerabilities that have been uncovered before publishing them.
"We notified all vendors about all vulnerabilities that we found," said ISE security analyst Jake Holcomb. "We're in the process of receiving Common Vulnerability and Exposure (CVE) numbers" for tracking information security vulnerabilities.
Some vendors, Holcomb said, got back to ISE quickly and had beta firmware with fixes ready to test within 72 hours. "Other vendors escalated their Tier 1 support up the chain but we never heard back from them," he said.
While none of the trivial attacks -- the weakest ones -- worked for a remote adversary, they were successful about one-third of the time for a local attacker. Unauthenticated attacks rarely succeeded for a remote attacker, but for a local attacker they reached the same level of completion as local trivial attacks. Authenticated attacks were almost always successful for both adversaries. "When you're remote, there's very little attack surface," explained Tactical Network Solutions' Heffner.
Routers tested included units such as the Linksys WRT310Nv2, Netgear WNDR4700, Belkin N300 and N900, TP-Link WR1043N, and Verizon Actiontec, but Heffner cautioned that this was no guarantee that your router wouldn't be affected. "In my experience... you should worry about your router. If my device is in this list, you should be concerned. If not, you still may want to be concerned, although it's more difficult to say."
The report noted several caveats. Client-side attacks were considered fair game, as long as they were running in a browser and based in HTML and JavaScript. The routers were not extensively tested for other vulnerabilities, and none of them had the remote administration features activated by default.
This means that although many modern routers come with the ability to control them when not directly connected to the network, that feature is not active by default. Activating it decreases the router's security level. Also, before testing, the firmware for all the routers tested was upgraded to the most recent version.
What you can do
There's not much outside of common-sense behavior that you can do to make your router more secure.
Dong Ngo, a CNET Reviews senior associate technology editor and a wireless networking expert, was skeptical that many people would be affected by router hacks -- provided they follow some basic steps for securing their router. Part 5 of his home networking guide has some advanced security tips from Step 4 onward.
"Since there are certain requirements to be met for these hacking methods to be successful, if you set up your router properly, and practice prudence while being online, chances are you're safe," Ngo said.
ISE analyst Jake Thompson also has some easy-to-implement tips, including some obvious ones like making sure that you change the router's default username and password credentials. However, he cautioned, not all router firmware lets you change the username. "We also recommend that people use WPA2" security protocol, over WEP, he said.
ISE chief Bono advised that people change the router's IP address to be non-standard when possible, while Holcomb added that good precautions to take include updating your firmware after buying your router, and clearing your browser cache and cookies after changing any router settings.

