Comment: 500,000 Routers hacked in VPNFilter campaign
May 2018 by Webroot
Following the news that 500,000 routers have been hacked by the VPNFilter campaign, David Kennerley, Director of Threat Research at Webroot, comments:
The breaking news regarding VPNFilter really shouldn’t be seen as a surprise, it highlights the concerns we regularly debate. Routers are always going to be an attractive and easy target for cybercriminals. By their very nature, the vast majority will be internet facing and whereas we can advise on the best practice of placing and securing IoT devices on the internal network only - this option is obviously not available to routers.
The array of connected devices represents a large attack surface, whereas we now understand the concept of building in security at the design stage when producing PCs and laptops and the ever increasing security built in to smart phones - many IoT devices are not designed with security in mind.
Businesses and consumers alike, are often not aware there devices are susceptible to vulnerabilities already being targeting in the wild, and even when they are aware, many IoT devices are difficult to update and security configure at best. Compromising these devices, can lead to further network attacks, data and communication theft and like in the case of VPNFilter - being recruited as a weapon in a huge botnets, awaiting the next command.
Businesses need to understand the risks of adding more and more IoT devices to the network and the possible consequences of being compromised. Understanding how and what a device collects, stores and communicates is crucial to securing sensitive data. As important is routinely checking for the latest updates for their devices, resetting firmware periodically isn’t a bad idea also, and making sure IoT devices are configured to be as secure as possible is essential - it’s bye, bye to the "Set-up and forget" mentality.