Just when you thought it was safe to go back in the water…
We now know that Russian hackers have millions of the world’s routers in their sites.
According to a joint announcement between the FBI, the Department of Homeland Security, and the UK’s National Cyber Security Center, state-sponsored hackers are scanning the internet for vulnerable routers.
The reason? Potentially for spying purposes, for stealing secrets or technology, or even to launch future attacks.
Should this be nicknamed “Russian Router Reconnaissance”?
According to Rob Joyce of the National Security Council, many home and office routers are targets, as well as firewalls and switches maintained by internet service providers (ISPs).
“We have high confidence Russia has carried out a coordinated campaign to gain access to enterprise, small office/home office routers known as SOHO routers, and residential routers, and the switches and connectors worldwide,” Joyce said.
Your Router Could Be at Risk
The announcement advises that the devices most vulnerable are older, unsupported routers or those with soft security. For example, routers still using the factory default password could be open to exploitation.
The joint warning explains that as hackers scour the internet for points of weakness, they can gain critical information about a router’s make and model. They can then use this information to determine which routers are vulnerable to a future attack.
Often gaining access to a router is as simple as entering the default password. Other techniques used by hackers to get in include overwhelming the router with multiple username and password combinations until it unlocks.
Once a hacker has access to a router, financial information, passwords, and other sensitive data can be stolen.
“Once you own the router, you own the traffic,” said the Department of Homeland Security’s Jeanette Manfra on a conference call. Manfra is the top cybersecurity officer at the DHS.
She explained that attacks on routers are potentially more damaging because routers generally don’t have the higher level of security that servers and computers have.
Authorities at the DHS have been aware of Russian hackers running scans on routers for at least two years, although it is not certain how many routers have been compromised.
An unnamed spokesperson for the UK government said, “The attribution of this malicious activity sends a clear message to Russia – we know what you are doing and you will not succeed.”
Know What to Do
As a consumer, you will have to take some responsibility for your own cybersecurity, because as Manfra puts it, the DHS can’t “protect every single device.” And manufacturers can only do so much.
According to the technical alert, here’s what you should do to protect yourself against hacking:
- Immediately change your router password from the default setting.
- Use different passwords on your different internet of things (IoT) devices such as appliances, cameras, and other gadgets.
- Replace unsupported devices and hardware for which there are no updates.
For their part, manufacturers are being asked to step up their security game as well. Officials say that new products should be designed with better security features, plus support should end for older, un-encrypted devices.
A Special Message From iSAFE
If iSAFE set up your router, you don’t have to worry whether it has the default username and password enabled. We always change that.
If you are one of our iSAFE Complete Technology Support (managed services) customers, then you can also rest assured that your hardware and firmware are updated regularly.
However, if you set up your own router, or if you are not an iSAFE Complete Technology Support customer, then we recommend you call us today at 859-200-0428 to schedule a review of your network hardware and security settings.
iSAFE can help protect you from Russian hackers plus assist you with many other IT issues. Call us with any questions or concerns. We’re always glad to help.
