Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Users face serious threat as hackers take aim at routers, embedded devices

Lucian Constantin | April 4, 2014
Attacks are likely to continue and manufacturers are largely unprepared to respond, security researchers say.

Eiram believes that the absence of automatic updates is exactly the reason why embedded devices should have better code maturity and secure configurations from the beginning.

"To most home users, a router is that magical box in the corner, allowing them to go on the Internet," Eiram said. "Many are still struggling to update software on their computers that don't have auto-update features. Asking those users to log in and then configure or update their routers is not realistic."

For those users who do feel knowledgeable enough to configure their own routers, Eiram advises disabling access to the administration interface from the Internet, as that is usually the most commonly vulnerable feature.

"Ensuring other services are not remotely accessible is also a good idea, since we do see vulnerability reports in those as well," he said. "The problem here is that it is sometimes not even clear to users that a service is active and listening remotely. Finally, checking for updates regularly is important and usually possible from within the the web-based management interface."

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.