The high risk of default passwords

router security

Recent news has highlighted that foreign state actors are exploiting home, small business and large enterprise routers in an effort to gain cyber-war and espionage advantages. These are also targeted by criminal rings, so no shortage of bad actors looking to compromise critical network infrastructure. The security services of the UK and the USA have recently issued warnings and technical alerts on this topic.

Quick Summary: Default passwords are bad, immediately change the default password on your router. NOW, please.

Way too many network-connected devices have default passwords, and users often do not change them during deployment. For instance, if you have a TDS or Windstream supplied modem/router, the odds are very high it has a simple default password set on it. I know, I’ve been in many, many homes and you are all surprised when I can log onto your home router and adjust settings without having to ask you for the login info.

This is incredibly dangerous, as that means than an infected tablet, or set-top-box can just as easily log into the router and make changes that are extremely bad for your security. I’ve personally witnessed a Windstream router get re-infected in under 60 seconds once reconnected to the network with an infected set-top-box. It was redirecting the primary address resolution service (DNS) to locations that could pose as your financial services and other important sites, and get you to supply those credentials without you being aware they were being harvested.

Then, many devices, such as security cameras, have multiple logins, including some used for support that are widely known to humans and to malware. These are often infected when they are exposed to the Internet (so you can see video while away), or via local malware.
So it is important that ALL your network connected devices have unique logins YOU define and setup. No defaults, ever.

Start with your ISP router, make sure it has a unique password. And make sure you write it down and keep in a safe place.

Then for every WiFi or network connected device, make sure there is a unique password used to manage it.

And even if you have a third-party router in front of the ISP modem/router, you should still change the default password on the ISP device. Just look up the make and model of the ISP modem/router to find where to go to change that.

Since so many of you have IQrouters, I can say that by design, it has unique passwords, as it forces those to be configured during setup. It also protects against many types of attack, including the aforementioned DNS one. It was actually an IQrouter that prevented that customer from having a more serious issue, as the IQrouter detected an upstream DNS attack and stopped resolving addresses.

That said, care should always be taken with all your network gear, and for those looking for further protection, there are other security devices that can be deployed to help mitigate network-borne attacks. For instance, I use a Cujo AI security appliance to protect my outbound traffic, as I have over 60+ network-connected devices, and even though I know what I’m doing, this is added protection against ever evolving threats. But, it is a much more complicated network setup.

Bottom line, networks are important to modern life, and should be setup and cared for to ensure they not only operate well, but also are safe.

Newest Stories - News

Dawson, Pickens announce 2018 general election schedule

Dawson, Pickens announce 2018 general election schedule

Book signing at Smoke Signals Oktoberfest tent

Book signing at Smoke Signals Oktoberfest tent

Dawson Chamber’s Women in Action program well-received

Dawson Chamber’s Women in Action program well-received

ArtsBridge Hosts FREE Performing and Visual Arts College Fair

ArtsBridge Hosts FREE Performing and Visual Arts College Fair

Get ready for fall with pet-friendly indoor gardening

Get ready for fall with pet-friendly indoor gardening

Meet local authors at Smoke Signals Oktoberfest tent

Meet local authors at Smoke Signals Oktoberfest tent

Honey Dip Saloon open for Saturday football

Honey Dip Saloon open for Saturday football

‘California dreaming’ theme of BCAR Wine Fundraiser

‘California dreaming’ theme of BCAR Wine Fundraiser

Bear Society delivers a busy October

Bear Society delivers a busy October

PCAP’S Margy Lohman honored for 25 years of service…

PCAP’S Margy Lohman honored for 25 years of service

Free Hearing Screening on October 23

Free Hearing Screening on October 23

Time to update your 2019 Community Directory information

It’s time to update your 2019 Community Directory information

2018 Wings Over North Georgia Air Show

2018 Wings Over North Georgia Air Show

180923-N-FF029-2034 PACIFIC OCEAN

180923-N-FF029-2034 PACIFIC OCEAN

New car museum to include Herbie, Batmobile, rare vintage cars

New car museum to include Herbie, Batmobile, rare vintage cars

Advertisement

SmokeSignals Online
11293 Big Canoe
Big Canoe, GA 30143
PH: 706-669-7095

©2018 Big Canoe News