Firstly, there’s a flaw in the firmware that leaves the router’s admin panel exposed to the web, opening the door to remote hacking. Secondly, and perhaps even more troubling, is the fact that the researchers discovered a number of admin-level backdoor accounts introduced by various members of the supply chain.
As admin-level accounts, if a hacker logged in using them, the attacker would be given unfettered control over the device, including the ability to change your main admin password and monitor all traffic flowing through the router.
It would also be a trivial task for any hacker who had control of a router to make deeper forays into a company’s network, so this is a fairly serious issue, but in this case, there’s a bit of a silver lining.
The impacted routers are almost all extremely old, manufactured circa 2010. If you have something newer, then odds are excellent that you’re not impacted. However, the security researchers note that the web-availability of a router’s Admin Panel is a common problem, and that right now, there are tens of thousands of routers available online.
If your corporate network is built around older equipment, now is the time to investigate and make sure you’re not exposed. The simplest and easiest solution is to simply upgrade your equipment.
Even if you have newer equipment, given how many routers are exposed to remote hacking, this would be a good time to have your IT staff conduct an audit and confirm that yours is not among the vast number that hackers have easy access to.
If it’s just not something you can spare staff to look into, contact us today and speak with one of our team members. This is the kind of issue that can easily be outsourced, and it will make your company much more secure.