After a recent high-profile media story highlighted how poor router security led to a police raid of the home of an innocent family, we take a look at how Wi-Fi piggybacking attacks against home and domestic targets, and VoIP hacking of businesses worldwide are growing threats.
It has been reported that in January this year during the lockdown, the family home of a couple and their two young children was unexpectedly raided by police. The shocked and frightened family could only look on as their desktop computer, three laptops, and current and old mobile phones retrieved from drawers around the house were taken away by officers. The family found themselves with just a landline for communications, and under suspicion for a crime which, as it later transpired, they did not commit, and knew nothing about.
To make matters worse, the father of the family was forced to tell his boss that the police required the decryption key to unlock his work laptop, thereby making him fear for his job.
When the devices, which the family were told had been taken for ‘evidence’, were finally returned two months later, it became clear that a mistake had been made because the family’s Wi-Fi connection had been used without their knowledge, and by an unknown party to upload illegal images to a chat site.
The evidence given to the police by the National Crime Agency which led to the raid, had suggested that the illegal uploading had come from the family’s IP address. In reality, the family had simply fallen victim to criminals piggybacking their insecure wireless connection. The weakness that had allowed the attack is believed to have been a weak/poor default password on their old router.
A recent Which? investigation looked at the security aspects of 13 models of commonly used old routers from companies such as Virgin, Sky, TalkTalk, EE, and Vodafone. It was discovered that 6 million users may have router models that have not been updated since 2018 at the latest, with some not being updated since as far back as 2016! The investigation discovered issues with more than half of all routers (of those surveyed). This suggests that as many as 7.5 million users could have routers with security risks.
The main vulnerabilities threatening the security of business and home-user routers, which are often the same thing now with remote working, include weak default passwords that can be easily guessed by hackers, meaning that the router could be accessed remotely, from anywhere in the world. Local network vulnerabilities can also allow a cybercriminal to take control of a user’s device, see what a person is browsing, or even direct a user to malicious websites. A lack of recent updates to the Firmware of a router could also negatively affect a device’s performance, thereby affecting productivity, and leaving outstanding security issues.
Recent ‘Check Point’ research has also shown that there has been a big rise in cyber-fraud operations targeting VoIP phone systems worldwide. For example, a Gaza-based hacking group was found to be responsible for targeting servers used by more than 1,200 organisations based across over 60 countries, with half of those targets being in the UK! What’s more, hackers worldwide are creating their own social media groups to share tips and know-how relating to VoIP phone system hacking and to organise and coordinate future attacks.
Businesses can guard against router security threats by taking measures such as changing usernames and password(s), ensuring that the router’s firmware is up to date, changing the network name/SSID, stopping the Wi-Fi network name/SSID from being broadcast, enabling the router’s firewall, or simply upgrading to a new, more secure router.
To guard against the threat of VoIP phone system hacks, businesses need to make sure that their security patch installation management systems and procedures are up to date, call billings are regularly analysed, there is a clear and robust password policy in place, and an intrusion prevention system is implemented.
Let's meet Paradise Computing's Project Manager, Gareth Whyley. Gareth has a background in IT consultancy and is a specialist in compliance and project management. He is passionate about helping our clients achieve their goals.
Today, we’re shining the spotlight on Rachmann Joubert, a Sage Support Specialist who has brought his wealth of software development experience to the role to help build solutions for our clients.
Today we're getting to know one of Paradise Computing's IT Support Engineers - Ashley Curtis. Ashley plays a vital role in supporting the IT infrastructure of our clients and supports them with his expert IT knowledge.