Poor or lacking security on millions of ADSL routers and other devices used by teleworkers represents a threat to global enterprise information security, researchers have warned.

Unscrupulous internet service providers (ISPs) distribute routers that often have several security vulnerabilities, Cisco consultants Kyle Lovett and Dor Tumarkin told the CrestCon & IISP Congress 2015 in London.

Most of these vulnerabilities are well-known and well-documented, and yet ISPs continue to distribute routers without any security evaluation.

Wide swathes of IP space are being made vulnerable through ISPs in developing countries distributing routers with default passwords that can be easily found on the internet, said Lovett.

He estimates that between 25 million and 80 million devices used in small office and home office environments can be accessed remotely because default passwords are rarely changed by users.

Attackers can locate vulnerable devices using internet scans and websites such as Shodan, which publishes an index of internet-exposed devices.

Research has shown that 14 suppliers have distributed over a million ADSL routers with firmware dating from 2007 that contains multiple critical vulnerabilities that could allow hackers full control.

Vulnerable routers can be exploited by attackers to carry out DNS redirection attacks, or hijacked to carry out distributed denial of service (DDoS) attacks using DNS amplification.

This means attackers can alter the domain name system (DNS) configuration on these devices to redirect victims to IP addresses and domains controlled by the attacker.

Attackers can conduct man-in-the-middle attacks or redirect victims to anywhere they want, inject their own adverts into web pages or poison search results.

Read the original:
Home devices threaten enterprise data security, warn researchers

March 22, 2015 at 1:45 pm by Mr HomeBuilder