Millions of Routers Susceptible to Hackers: Report

A security researcher says hackers could take control of millions of routers. Craig Heffner, of security firm Seismic, says half of the models he tested were vulnerable to a recently discovered hack.

Routers, which allow an Internet connection to be shared among multiple computers, are extremely common -- especially for those of us who use high-speed Internet. Even if you own only one computer and don't share your connection with others in your household or office, chances are you're using a router of some kind.

In short, the router acts as a gateway to the Internet and directs traffic back and forth to computers. When two machines are sharing a single Internet connection, the router makes sure the right data goes to and from the appropriate machine.

Poisoned Domain Name System (DNS)

Security specialist Craig Heffner, who'll detail his findings at a security conference in a couple of weeks, says the hack takes advantage of a flaw in the Domain Name System (DNS). A DNS is effectively the yellow pages of a phone book for the Internet: its function is to look up web site names and finds their corresponding IP address, similar to a telephone number in a phone book. The IP address is short form for "Internet Protocol", and identifies machines connected to the Internet.

A website stores its content on a web server, which is typically accessible through the Internet. However, Heffner says a website can be set-up to use a bogus IP address (phone number) which is actually that of the visitor's own router. This exploit could potentially allow a hacker to access the router and thus have complete control over which websites the computer visits: a dream come true for those spreading malicious software. (Source: zdnet.com)

Limitations and Caveats of DNS Exploit

There are several limitations to this hacking technique, however.

Like most online attacks, this type of exploit first requires the user to visit the booby-trapped website, usually passed on through an unsolicited email or instant message (for example). A second limitation is that the trick only works with some routers, but it's estimated that "millions" of routers could be susceptible. (Source: forbes.com)

The biggest limitation, though, is that once the hacker has made the direct connection to the user's router, they also need to get  breach its built-in security system. In some cases this would involve exploiting a software bug. However, given that the vulnerability is so widespread, most hackers would likely use common passwords or even a dictionary attack to gain access to a system. (Source: forbes.com)

Best Practices to Avoid Infection

The best way to avoid being a victim of the vulnerability, apart from the usual practice of not clicking on website links from suspicious, unknown, or unsolicited sources, is to make sure that your router's firmware is up to date and to to ensure that the password to access your router is unique.

To ensure your router's firmware is up to date, visit the manufacturer's website. Most sites have a "support" or "downloads" link, which will list firmware updates to your specific model. The model number should be listed on the front of the router on the back, or underneath.

How to Make Strong Passwords, Every Time

As for safe password practices: you should always use strong -- and most importantly, unique passwords for any of your logins, including your router. For more information on strong passwords and to get free software capable of generating strong passwords, download our free report "Top 10 Passwords You Should Never Use". If you're already subscribed to our email newsletter, use the same email address to download the report.