Last month, a strain of malware was found to be infecting the devices that provide people with internet service, known as routers. It targeted mostly consumer devices made by companies like Cisco Linksys, Netgear, and TP-Link. Researchers found that it had the ability to spy on data passing through these devices, as well as the ability to render the device useless (known as “bricking”). Unfortunately, these devices usually don’t have any protection such as an anti-virus program and are not updated frequently, if at all. Additionally, most devices are left with the default usernames and passwords, so exploitation of the device is simple. There was a big push last month to have users reboot these devices to try to counter this malware, but that did not completely clear it out. Researchers now say that the only way to clear a device of the malware is to reset it to its factory defaults. This article by Cisco’s Talos security team describes in detail the malware and its potential effects: http://bit.ly/2K6mCLc.
This type of security incident, which is still ongoing, highlights the lack of security focus on the part of consumer device manufacturers. Security features are typically low on the list of priorities for these devices, and updates to fix flaws are few and far between. Most devices are preconfigured to be plug and play out of the box, with little to no customization on the consumer’s part; this means that default settings are left in place and, since the manufacturers are often international companies, are well known worldwide. PCMag recently posted an article listing the devices affected, along with instructions on how to update them: http://bit.ly/2tgUHSo.