Most people have a home network these days which connects their computers and tablets, allows them to stream video from their Smart TVs, and surf the web from their phones using their home network rather than their cellphone’s data plan.
If you have a home network then you should keep reading. Recently security researchers tested nine of the most popular WiFi routers on the market today and found a staggering 226 security flaws even on routers that were running the latest firmware.
The routers tested are offered by some of the biggest names in the industry including D-Link, Netgear, Asus, AVM, Edimax, TP-Link, Linksys, and Synology. These are used by millions of people around the world. In terms of total numbers the worst offender was TP-Link’s Archer AX6000 router which was found to have 32 security issues. The Synology RT-2600AC was right behind it with 30 security flaws ripe for exploitation.
The research was conducted by IoT Inspector in collaboration with CHIP magazine and the group focused specifically on models popular with home and small business users.
Florian Lukavsky Founder of IoT Inspector had this to say about the project:
“For Chip’s router evaluation, vendors provided them with current models, which were upgrade to the latest firmware version. The firmware versions were automatically analyzed by IoT Inspector and checked for more than 5,000 CVEs and other security issues.”
Although a broad range of issues were discovered in the routers tested broadly speaking they fell into several common categories.
The most common issues included:
Outdated Linux kernel in the firmware
Outdated multimedia and VPN functions
Over-reliance on older versions of BusyBox
Use of weak default passwords like “admin”
And the presence of hardcoded credentials in plain text form
Whatever model you purchased the two biggest and best things you can do to make your router more secure are changing the password on first use and enabling automatic updates. It’s by no means a perfect solution but it will go a long way toward minimizing your risk.