The router you use to connect to the Internet could expose you to cyberattacks from hackers that not only affect your work at home or business, but also go beyond email breaches and physical home security This is according to the latest analysis from global cybersecurity firm Kaspersky, which found over 500 vulnerabilities in routers in 2021, 87 of which were flagged as critical vulnerabilities.
The study found that a whopping 73 percent of users have never considered upgrading or securing their router, making it one of the biggest threats to today’s Internet of Things.
Critical vulnerabilities are the gateway , which allows an intruder to enter a home or business network. They make the router much easier to hack, which provides the ability to bypass password protection features (like Captcha or a limited number of login attempts), run third-party code, bypass authentication, send remote commands to the router, or even disable it it. Operators are capable of stealing any data or files transmitted over an infected network, whether it’s your personal photos, private information, or even business contracts sent via email.
Also read: 14 billion Sh gangsters paradise – How Kenya became a playground for scammers
This problem is so serious that the beginning of this year, an American security researcher, identified only as PX4, effectively shut down all of North Korea from the Internet by exploiting unpatched vulnerabilities in critical routers and other network devices.
Such actions are particularly dangerous when routers are in sensitive environments such as hospitals or government buildings, where a data breach could occur can have serious repercussions.
Although researchers are now raising awareness of many more vulnerabilities than before, Ro uter one of the most insecure devices. Unfortunately, not all vendors are rushing to fix even critical vulnerabilities, as nearly 30 percent of the identified 87 critical vulnerabilities released in 2021 are still unpatched and unreported by the vendor.
Another 26 percent of such vulnerabilities were received only one comment from the company, which usually contains recommendations for contacting technical support.
By infecting a router, attackers gain access to the network through which data packets are transmitted. They can install malware on connected computers to steal confidential data, private photos or business files.
Also read: Uhuru opens Sh4bn forensic lab at DCI headquarters
Hackers can also redirect users to phishing pages masquerading as popular webmail or online banking sites. Any data they enter on these sites, whether it is a login and password from the email or bank card details, will immediately fall into the hands of scammers.
Since 2010, the number of vulnerabilities found in routers has been increasing steadily rising. In 2020, they rose to 603, about three times as many as in 2019. In 2021, the number of discovered vulnerabilities remained almost as high (506). Despite increasing attacks, consumers and small businesses do not have the expertise or resources to detect or understand a threat before it’s too late.
Maria Namestnikova, Head of Russia’s Global Research and Analysis Team at Kaspersky, noted that despite the speed at which technology is entering our lives, the level of cybersecurity has not kept pace. She also pointed out that while many employees have been working from home for the past two years, router security has not improved and is rarely updated.
“The risk of router vulnerabilities from Being abused by cybercriminals remains a concern in 2022. It is important to prevent a threat as early as possible, as people usually only find out about an attack too late,” she said.