Kaspersky comment: Research reveals popular WIFI routers with serious security flaws
In response to the news that many popular routers contain hundreds of known security flaws and are infrequently updated, please see below a comment from David Emm – principal security researcher at Kaspersky.
“This underlines the importance of vendors ensuring that products that are on the market are safe for consumers and businesses. Many of the brands listed sell products here in the UK too, so this is yet another stark reminder that vulnerable routers remain an effective gateway to a successful attack on a consumer, or business, here in Britain – and it’s apparent that it is not solely down to the sophistication of hackers. In 2018, the UK government introduced its code of conduct for consumer IoT devices and earlier this year the government announced that it would introduce legislation to make standards mandatory. It is clear that more governance is required to ensure that products are being manufactured with cyber-security front of mind.
“Some manufacturers of routers already ship devices with a unique key – which is something that all manufacturers, regardless of where they are based. should be doing to ensure proper security protocol. However, until all vendors do this, consumers must get into the habit of changing default passwords immediately, where possible, to ensure their data is not open to attack. Consumers should also check that devices can be updated, to reduce vulnerabilities that criminals can exploit, and ensure that encryption is enabled on routers.”