Badly secured routers leave 79 percent of US home networks at risk of attack
As many as four out of five internet-connected households in the US could be at risk of attack through their wireless router.
This is among the findings of a study by security specialist Avast which found that more than half of all home routers are poorly protected using default or easily hacked password combinations such as admin/admin or admin/password.
It also found that 25 percent of consumers use their address, name, phone number or other easy to guess items as their router passwords. "Unsecured routers create an easy entry point for hackers to attack millions of American home networks," says Vince Steckler, chief executive officer of Avast. "Our research revealed that the vast majority of home routers in the US aren't secure. If a router is not properly secured, cybercriminals can easily gain access to an individual’s personal information, including financial information, user names and passwords, photos, and browsing history".
Among the biggest threats to any Wi-Fi network is DNS hijacking. This involves malware being used to exploit vulnerabilities in an unprotected router to redirect the user from a known site, such as a bank website, to a fake site designed to look like the real thing. When the user logs in, hackers capture the user’s login credentials and can then use them to access the real site.
Less than half of Americans strongly believe their home network is secure, according to the survey and 16 percent of respondents said they had fallen victim to hackers. This is despite being aware that a breach can lead to their bank or financial information being stolen (42 percent were concerned about this), losing personal information (33 percent), having their browsing history stolen (11 percent), and getting their photos hacked (9 percent).
"Today's router security situation is very reminiscent of PCs in the 1990s, with lax attitudes towards security combined with new vulnerabilities being discovered every day creating an easily exploitable environment. The main difference is people have much more personal information stored on their devices today than they did back then. Consumers need strong yet simple-to-use tools that can prevent attacks before they happen," says Steckler.
You won't be surprised to learn that the recently launched Avast 2015 is able to identify and protect against network threats including DNS hijacking and weak passwords.