Routers, Cyberattacks and a horrible surprise
I read the article about “What you can do to protect your home internet” in The Age and thought maybe I should update the firmware on my foreign branded modem with a large Internet Service Provider in Australia. It is just an ADSL2 modem (broadband hasn’t reached us yet in inner Melbourne) and it has been working well.
I log onto my router and can’t find a tab to update the firmware. A very quick search not only provides me with the way to get the update tab to appear but also presents a gaping hole in my router’s security.
I changed the router Admin password as soon as I set up the router a few years ago and thought I had secured the router. I fortunately also don’t allow external access over the web to my router. Thank goodness I didn’t.
I had no idea there was another account for my router that could be exploited by anyone with the password… which is publicly available on the internet.
There is another account called “root” on my router which is a superadmin account that gives the person logging into the router complete control of the router including updating the firmware. Where I read this post, which is on the famous whirlpool forum, also provided the password, which was provided to the customer by the ISP (the same one I use) when the customer legitimately asked (like I wanted to) how to update the firmware on your router…
The customer obligingly posted it on the forum to help others, but what it highlighted is that there is a generic superadmin account on my router.modem that I didn’t know about with a generic password that I found in less than 2 minutes.
I logged onto the router using the “root” account and the generic password and sure enough I was in. Password changed so hopefully that security hole is plugged.
So I call upon all providers of modem routers to declare any accounts and generic passwords that would provide access to the router so that people can secure their router. I urge you to search for things like “router generic accounts” and include your router brand, model and even the internet provider who may have bundled the router with your service, as happened to me.
The mistake was an honest one and I criticise nobody, but being someone who is supposed to know about technology, I felt very vulnerable when I could access my router using details freely available on the internet. I don’t think my passion for plants and small aeroplanes will be of interest to those hacking into folks, but if you run a business, you might want to check things out.