“Germany’s Fraunhofer Institute for Communication (FKIE) has carried out a study involving 127 home routers from seven brands to check for the presence of known security vulnerabilities in the latest firmware. The results are appalling. The FKIE study found that 46 routers hadn’t got a single security update within the past year and that many routers are affected by hundreds of known vulnerabilities.” (zdnet.com, 2020) The sheer percentage of routers that hadn’t seen any recent updates was surely astonishing. However, this was not nearly as jaw-dropping as the fact that the FKIE revealed that there were no routers in the study without security flaws. Meaning 127 out of 127 (100%) of routers tested had some sort of security flaw. Based on the number of routers currently in the market, one has to wonder whether or not their home or office brand of choice was on that list.
The study also detailed findings that prove “vendors are shipping firmware updates without fixing known vulnerabilities, meaning that even if a consumer installs the latest firmware from a vendor, the router would still be vulnerable.” (zdnet.com, 2020)
“The study targeted five key signals in firmware images to assess each manufacturer’s approach to cybersecurity. These included the days since the last firmware update was released; how old are the OS versions running these routers; the use of exploit mitigation techniques; whether private cryptographic key material isn’t private; and the presence of hard-coded login credentials. FKIE concludes that router makers are significantly lagging in the delivery of security updates compared with operating system makers.” (zdnet.com, 2020)
How it Could Affect You
“FKIE assessed that ASUS and Netgear do a better job on some aspects of securing routers than D-Link, Linksys, TP-Link, and Zyxel, but it argues the industry needs to do more to secure home routers. In the worst cases of devices, FKIE assessed, the routers hadn’t been updated for more than five years. ” (zdnet.com, 2020)
Your business can’t afford to wait for a study to reveal gaps in your security. Your IT department and or IT Company should constantly be monitoring that for you. Lots of times, these types of studies are a few steps behind hackers. Therefore, you want an IT team that can keep your business a few steps ahead, and prepared to recover from any actions hackers, cyber criminals, or even system/user errors you and your company may face.
Hodgson Can Help
We can help you ensure your software, hardware, applications, and devices are all secure and up to date. Beyond that, we make sure that you don’t experience extensive downtime when updates do need to occur. We help keep your business rolling and off the route and radar of hackers. Here at Hodgson Consulting & Solutions, we specialize in securing data and information loss prevention for companies with multiple locations and/or a remote workforce. We offer full solutions for your IT needs, not just Band-Aid fixes. Contact us to receive a FREE Cyber Security Risk Assessment and also learn more about our Managed Security Service Plans. Contact our office today at 847-906-5005.