Wireless routers are now omnipresent at home and in the office. But the sparking devices are often full of bugs. According to a Kaspersky study, 500 vulnerabilities were found in Wi-Fi access points in 2021, including 87 critical ones. […]
Every day, millions of new routers are set up for WLAN connections in private households and at workplaces. However, the Wi-Fi access points are not immune to security vulnerabilities. According to a recent Kaspersky analysis, a total of over 500 vulnerabilities were discovered in Wi-Fi routers in 2021 – including 87 critical ones. The threats posed by vulnerable routers range from email compromise among home users and businesses to the physical security of households.
Central entrance gate
But the biggest problem is that the routers are hardly maintained and provided with the necessary patches. According to the study, 73 percent of respondents have never thought about upgrading or protecting their router. This makes the devices one of the biggest threats of the Internet of Things.
Because routers are the node of a home network, through which all devices of a smart home access the Internet and exchange data. By infecting a router, attackers gain access to this network.
This allows you to install malware on the connected computers and devices to steal sensitive data, private photos or business files – and possibly cause irreparable damage to the user.
Attackers can also redirect users to phishing sites masquerading as frequently used webmail or online banking sites. All data entered on these pages – be it access data, passwords or bank card information – then falls into the hands of cybercriminals.
Manufacturers often do not eliminate hazards
Although researchers are now drawing attention to many more vulnerabilities found than in the past, Wi-Fi routers are still among the least secure technical devices. One of the reasons for this is that some manufacturers do not immediately eliminate existing hazards.
Thus, almost a third of the critical security vulnerabilities discovered in 2021 remained without any reaction on the part of the manufacturers. They did not release any patches or recommendations. For another 26 percent of such vulnerabilities, only the recommendation to contact technical support was made.
In addition to an increasing activity of attackers, private users and small companies usually do not have the expertise or resources to detect a threat in time and avert damage. The fact that, as mentioned, almost three quarters of users have never thought about upgrading their router is a risk, especially in sensitive environments such as hospitals or government buildings, where a data leak can potentially have serious consequences.
Kaspersky researchers therefore advise users to pay attention to security aspects when choosing routers. “When a router is purchased, network security should be as important as the speed of data transmission, ” therefore advises Maria Namestnikova, head of the Russian Global Research and Analysis Team (GReAT) at Kaspersky. “Users should read product reviews and pay attention to how quickly manufacturers react to threats. In addition, they should update their devices as soon as patches are available to prevent the loss of sensitive data and money, “ she adds.