It was just about a year ago that I warned you about an FBI warning that described security vulnerabilities that can occur in your all-important routers. If your router is compromised, the security of all of your devices that use the router is in jeopardy. The FBI warning dealt with foreign hackers using a type of malware called VPNFilter to target the routers of office and home office routers around the world. The malware enables the hacker to steal your information, exploit your devices and even block network communications rendering the routers inoperable. Unfortunately, according to the FBI the VPNFilter malware is difficult to detect and defend against.
Now security researcher Troy Mursch has indicated that he found more than 25,000 Linksys home Wi-Fi routers throughout the world are leaking sensitive information. According to Mursch, 33 Linksys models are vulnerable. Here is a link to a list of those models. https://pastebin.com/raw/ZHgWnu4C
Linksys has denied Mursch’s allegations and said that the vulnerability was patched in 2014. They attribute the present problem to people who are using older versions of firmware or have manually disabled their firewalls. They recommend that all of their customers make sure their routers are updated with the latest firmware and to confirm that their router security settings are enabling their firewalls. At this early point in this story it is unclear who is correct.
The FBI recommendations from 2018 are still good today. Specifically, they advised that you disable remote management settings on your routers and make sure you are using a strong password as well as encryption. Make sure you are not using the default factory-set username and password, which would make your router quite vulnerable. The FBI also advised everyone to upgrade to the latest versions of your router’s firmware, which is also good advice today, as well.
The good news is that companies that make routers are constantly developing router security updates. The bad news is that for the most part the companies that produce routers don’t automatically send you those updates. You need to look for them and download them yourself. In order to do so you need to use your browser to log into your router using its IP address. Experts advise that you check for updates about every 90 days.
Here are links with information for updating popular routers:
If this seems like a lot of work (and it does to me), you may wish to consider getting a router that does automatically download updates. Among the routers that work automatically to download necessary updates is the highly rated Linksys AC2600. Since 2017 Netgear routers provide automatic updating.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”