Speaking of attacks and “admin” accounts, I found this article yesterday on readwrite.com: “Your Next Big Security Headache: Your Wireless Router”
For years, manufacturers of home routers have all but ignored security issues, at least when it comes to making sure that consumers update their firmware to close exploitable vulnerabilities. Let’s put it this way: Have you ever updated the firmware on your router? If not, odds are good that it’s got one or more security holes through which a properly motivated hacker could slip.
Attacks on routers aren’t common, partly for logistical reasons that make them uneconomical for hackers. But that could change as technology evolves, criminal incentives shift and security tightens up in other areas. One big potential trouble spot: the embedded Web servers that many routers use for managing their settings — including, of course, security.
Router manufacturers have done a lousy job informing users about firmware updates that would patch security flaws, and are even worse at making it easy for users to obtain and install those updates. Such patches are seldom available through automatic services, forcing users to look up the fixes on manufacturer websites.
“These are low-priced, low-power devices,” Tod Beardsley, a researcher with application security vendor Rapid7, said. Manufacturers “may not have the margins on these devices to provide ongoing software support.”
To see what can happen when a flaw remains unpatched, look no further than a major intrusion in Brazil in 2011, when hackers broke into 4.5 million home DSL modems over the Internet. The modems were reconfigured to send users to malware-carrying imposter websites, primarily so thieves could steal their online banking credentials.
Please take a moment to read the full article. I’ll wait…
So, keeping the recent “admin” account-based WordPress attack in mind, I went to follow the article’s first piece of advice:
“In your router security settings, make sure you’ve changed any default usernames and passwords. These will be the first things any hacker tries, much the way a burglar jiggles a doorknob to see if it’s unlocked.”
Technically I have two routers: the one from my ISP (Windstream) that only acts as a DSL modem but is still technically a full-blown router, and my NetGear router that actually does the routing on my network.
The Windstream router gave me this:
And the NetGear router gave me this:
In both cases I am not allowed to remove or change the name of the “admin” account!
Granted, on the scale of computer issues I currently have to deal with, these are on the low end, as I’ve disabled any outside access to my routers’ management consoles, but this still annoys me to no end. Here’s a case where, as the article mentioned, the companies in question are just being sloppy.
(Yes, I know I could install different firmware, at least on the NetGear, but I don’t actually want to. I’ve got a special one that participates in the SamKnows program and I’d like to keep those features.)