You're Viewing the Archives
Return to IVN's Frontpage

New Studies Reveal Security Risks in Household Internet Routers

by Beck Alleman, published

Internet routers

Most people would assume that their password-protected home routers are completely safe. New studies, however, show this is not necessarily the case.

The most prominent of these studies is one made by Independent Security Evaluations (ISE). In short, the ISE took 13 routers and tested them to see what kind of cyberattacks, if any, it would take to compromise the router's security and allow access to a potential hacker.

The results found that, locally, all 13 of the routers can be taken over with authenticated attacks, which are attacks where the attacker has access to the router's credentials or the victim is logged in during the attack.

The silver lining of these tests is "local" attacks require the hacker to be physically plugged into the router -- something that would not happen very often in households. The remote attacks, which are far more common, were slightly less vulnerable. Only two routers, both made by Belkin, were vulnerable to unauthorized attacks. Eleven others were vulnerable to the more uncommon authenticated attacks.

All of this means that routers have glaring security issues. Once a hacker gains access to a router, he or she can gain access to sensitive information.

"What's notable about this is that if you compromise the router, then you're inside the firewall," said ISE marketing head Ted Harrington. "You can pick credit card numbers out of e-mails, confidential documents, passwords, photos, just about anything,"

One way to help prevent router attacks is to understand the methods hackers use and come up with ways to counter them.

"Cross-site request forgery was the first component of all of our attacks. After that, our standard attack was to reset the administrative password to a known value, or add a new administrator, and then enable remote management," said ISE analyst Jake Holcomb. "Only when this was not possible (e.g., some routers require the old password as part of the request to change it) did we try other attacks."

The most common cyberattack, Holcomb said, was the cross-site request forgery, also known as the "one-click attack." This vulnerability allows unauthorized commands to be made from a user that the website trusts. An essay by Jesse Burns explains how this attack works:

"The basic idea of CSRF is simple: an attacker tricks the user into performing an action of the attacker’s choosing by directing the victim’s actions on the target application with a link or other content."

Thankfully, there are several tools out there for combating these vulnerabilities; one is the National Vulnerability Database. This site allows common weaknesses and vulnerabilities to be searched for in routers. Each router has its own set of weaknesses and once these weaknesses are identified, they can usually be remedied with correct updates or other security measures.

However, the best way to prevent router attacks is to simply practice common sense when using routers. This includes setting up a secure password and monitoring the router's use to ensure there is not more data being put through it than there should be.

"Since there are certain requirements to be met for these hacking methods to be successful, if you set up your router properly, and practice prudence while being online, chances are you're safe." said Dong Ngo, senior associate technology editor for CNET Review.

About the Author