New research indicates that thirteen routers on the market for the home and small office are fraught with security problems that make it possible for hackers to see and even make changes to network traffic.
A Baltimore-based security consultancy, Independent Security Evaluators (ISE), discovered that, for all of the routers tested, it was possible for the routers to be taken over if a hacker could access credentials.
Belkin, Linksys, D-Link and Verizon products were tested.
ISE warned that consumers can do little to prevent the attacks. They said that the average user doesn’t have the level of skill and sophistication needed for successful mitigation.
All of the models evaluated were run with the most recent firmware of the company and underwent the testing process using their default, out-of-the-box configurations.
To hackers, routers that are compromised are significantly valuable. Comprised routers allow a hacker to view unencrypted traffic and intercept the traffic of any user on that network.
ISE said that, through a ‘Man-in-the-middle’ approach, a hacker is able to launch increasingly sophisticated attacks on all users in the domain of the router.
ISE recommended that vendors ensure vulnerable firmware is upgraded and that registered product users are sent instructions for carrying out upgrades.