Coming Soon to An Internet Provider Near You: Infected Routers!
One of the latest attacks to be unleashed upon the public: routers infected by internet-of-things botnet-building malware such as Mirai.
One of the latest victims is London-based TalkTalk, or, to be precise, many of its broadband customers who were issued routers that contain a vulnerability now being exploited by at least one Mirai variant. Security researchers report that the vulnerability appears to relate to a poor implementation of the TR-064 “LAN-Side DSL COE [Consumer Premises Equipment] Configuration” protocol in its routers.
Although TalkTalk has begin to fix the vulnerability, infected routers are already being used as IoT launch pads for distributed denial-of-service (DDoS) attacks. Researchers at the security firm Incapsula reported in a December 7/16 blog post that one of its customers (an unnamed bitcoin website) was hit with a DDoS attack on December 5th. Incapsula states it traced the attack back to 2,398 Mirai-infected TalkTalk routers located in the U.K.
Another security researcher, speaking on condition of anonymity, told the BBC that he’d exploited the flaw in TalkTalk routers to scrape 57,000 subscribers’ devices and retrieve each one’s service set identifier (SSID) code and media access control (MAC) address, as well as Wi-Fi password. The researcher said his intention was to highlight that a malicious attacker could have also gained access to the devices, for example, to infect them with Mirai malware, which is known to target known vulnerabilities (including default access credentials) in dozens of different types of routers and other internet-connected devices, including digital video recorders and IP cameras.
Think just because this happened in the U.K. that you shouldn’t worry? Think again.
Most routers are very similar, no matter where you live. The UK just happened to be targeted first…this time. And you can bet that the U.S. and Canada aren’t far behind.
Most people do not change the default settings, including default password, from the one which comes with their equipment. This provides quick & easy access to your equipment, information, and your business.
A lot of small businesses tend to try to save money by doing their own IT, or by having a friend or family member that “knows a bit about computers” do it. I’m all for saving money, but on the right things. If you partner up (yes, your IT person should feel like a partner) with the correct IT company, they can help you protect your business, while saving you money by cutting out stuff you simply don’t need.
Leave a Reply