Amid a pandemic, several security issues were already reported for the past months. Whether hardware or software-based, any breach in the online world results in either repair or malware used to steal personal info such as credit cards or social media passwords. If you think you’re safe, think again. Your Internet router may be the one stealing your info! Here’s a warning to all.
If you have access to the Internet at home, you most probably have your Internet router. Here’s a warning, though.
On Wednesday, July 8, TechRadar reported about a specific security issue that might have been stealing your info through your router. New research found out that many of the sold Internet routers nowadays do not have any single security firmware update since its production.
Germany’s Fraunhofer Institute for Communication (FKIE) studied 127 home routers from seven well-known brands in the market involving Netgear, ASUS, AVM, D-Link, Linksys, TP-Link, and Zyxel. The study shows that 46 out of the 127 total home routers do not have any security update patches.
This means that millions of internet users could be victims of a security breach once hackers tried to open access through unprotected routers.
FKIE’s targeted five important inquiries about the firmware study. First, they assess each manufacturer’s approach to cybersecurity. These included the date since the last firmware update was released; how old are the OS versions running these routers; the use of exploit mitigation techniques; whether private cryptographic key material isn’t private; and the presence of hard-coded login credentials.
“The updated policy of router vendors is far behind the standards as we know it from desktop or server operating systems,” the FKIE noted in its report. “Numerous routers have passwords that are either well known or simple to crack – or else they have hard-coded credentials that users cannot change.”
READ ALSO: Do You Know that You Can Prevent Hacker’s Malware by Adjusting Screen Resolution?
Linux not updated on most home routers
Another dangerous thing that the FKIE found during the investigation is the fact that 90% of all brands of home routers have not updated their Linux security patches for more than five years now.
Linux is an open-source operating system that is mostly used to protect home routers from any disturbances outside of the access system.
“Linux works continuously to close security vulnerabilities in its operating system and to develop new functionalities. Really, all the manufacturers would have to do is install the latest software, but they do not integrate it to the extent that they could and should,” said Johannes vom Dorp, a scientist at FKIE’s Cyber Analysis & Defense department.
The companies mentioned have not yet commented on the issues.