87 critical vulnerabilities discovered in routers in 2021

Routers are essential for Wi-Fi connections, with millions of new devices set up dailyin homes and workplaces. According to analysis conducted by Kaspersky, over 500 vulnerabilities were discovered in routers in 2021, including 87 critical ones. Threats stemming from vulnerable routersaffect both households and organizations, moving beyond email compromisesto physical home security. Despite this, people rarely think about the security of their devices. According to the research, 73% of users have never thought about upgrading or securing their router, making it one of the biggest threats impacting the Internet of Things today. Here, Kaspersky experts explain what threats router vulnerabilities can pose and how users can protect themselves.

A router is the hub of an entire home network, through which all elements of a smart home access the internet and exchange data. Infecting a router, attackers gain access to the network through which data packets are transmitted. Using this, they can install malware on connected computers to steal sensitive data, private photos, or business files – possiblycausing irreparable damage to the victim. Through the infected router the attacker can also redirect users to phishing pages masquerading as often-used webmail or online-banking sites. Any data they enter on these pages, whether it’s their login and password from the email or bank card details, will immediately fall into the hands of fraudsters.

Since 2010, the number of vulnerabilities found in routers has been steadily increasing. In 2020, the number of discovered vulnerabilities increased to 603, about 3 times as many as the year before that. In 2021, the number of discovered vulnerabilities remained almost as high – 506. Out of all discovered vulnerabilities in 2021, 87 were critical. Critical vulnerabilities are the most unprotected « holes » through which an attacker can penetrate a home or corporate network. Such vulnerabilities may let the attacker bypass authentication, send remote commands to a router, or even incapacitate it. Doing so, operators are able to steal any data or files transmitted over an infected network, whether it’s your personal photos, private information, or even business contracts sent in an email.

Number of router vulnerabilities according to nvd.nist.gov, 2010 – May 2022

Though researchers are now raising awareness about many more found vulnerabilities than before, routers remain one of the most insecure devices. One of the reasons for this is that not all vendors rush to eliminate the dangers. Almost a third of critical vulnerabilities discovered in 2021 remain without any response from vendors: no patch or commentary with advice has been issued for them. Another 26% of such vulnerabilitiesreceived only a comment from the company, which most often includerecommendations to contact technical support.

Alongside attackers’ increased activity, consumers and small businesses don’t have the expertise or resources to identify or understand a threat before it’s too late. For instance, as mentioned, 73% users have never thought about upgrading or securing their router, making it one of the biggest threats impacting the Internet of Things today.This is especially dangerous when routers are used in sensitive environments such as hospitalsor government buildings,where a data leak could potentially have a severe impact.

“Despite the speed with which technology is coming into our lives, the level of cybersecurity hasn’t kept pace. Many employees have been working from home for the past two years, but the security of routers hasn’t improved over this time – they’re still rarely updated. Therefore, the risk that router vulnerabilities could be abused bycybercriminals remains a concern in 2022. What’s important is to prevent a threat as early as possible, since people usually find out about an attack when it’s too late– after money has been stolen,” comments Maria Namestnikova, Head of the Russian Global Research and Analysis Team (GReAT) at Kaspersky.

“When you buy a router, network security should be as much of a priority as data transfer speed and price.Read reviews and note how quick the manufacturer resolves reported issues. And don’t forget to update your router as soon as the developer releasesa patch to avoid losing sensitive data and money,” adds Maria.

Read the full report about router security on Securelist.

To protect your router from cybercriminals’ attacks, Kaspersky recommends:

• To buy smart appliances second-hand is an unsafe practice. Their firmware could have been modified by previous owners to give a remote attacker full control over your smart home.
• Don’t forget to change the default password. Go for a complex one and change it regularly.
• Don’t share serial numbers, IP addresses or other sensitive information regarding your smart devices on social networks.
• Use WPA2 encryption – it’s the most secure for data transfer.
• Disable remote access in the router’s settings. If remote access is still needed, you should disable it when it is not in use.
• For more security, you can select a static IP address and disable DHCP, as well as protect Wi-Fi with a MAC filter. These actions lead to yourhaving to manually configure the connection of various additional devices to the router, so the process becomes longer and more complicated. Nevertheless, it will be much more difficult for an intruder to penetrate the local network. Be aware and always check the latest information on discovered router vulnerabilities.
• Having decided on a particular app or device, be sure to stay in the loop about updates and discovery of vulnerabilities. Install all updates released by the developers in a timely fashion.
• Consider installing a specialsecurity solution that can help protect your home network and all connected devices. 

13 June2022