Waves Of Attacks Against Operator Boxes And Home Routers
Attacks against home routers have increased tenfold in recent weeks, according to a new survey study. Cybercriminals are waging a war to take control of vulnerable boxes and integrate them into monetized botnets to carry major cyber attacks.
A new study published by a Research shows an upsurge in attacks targeting and exploiting home routers. Remember that the boxes of the operators fall into this category of device. These attacks are not new. For several years now, cybersecurity specialists have been alerting the general public to the risks associated with these boxes which ensure the home’s connection to the Internet. Because current routers are ultimately quite efficient machines with memory and a processor. They are of particular interest because they are easily accessible and directly connected to the Internet.
A large majority of the population increasingly depends on domestic networks as part of their professional activity or their studies; that’s why what’s happening on your router has never been more important. Attacks that result for the user in a diversion of his bandwidth and a slowing down of his network. As we have seen in the past, these botnets can destroy the websites of the companies targeted by these attacks.
A survey has thus noted a 10-fold increase in attacks against routers: 23 million attempts over the first 9 months of 2019 against 249 million attempts over the last 3 months. In the simple month of March 2020 (at the start of containment), this study even recorded 194 million connections by “brute force”.
It also detected in mid-March 2020, within a week, nearly 16,000 infected routers attempting to open Telnet connections to other IoT devices, a classic attack to take control of other smart devices on the network. from a compromised router.
The study shows that there is a thriving black market for malware and botnet rental. Groups of cybercriminals would wage a real cyber war for the largest botnet network and fight with each other for control of devices.
Faced with this growing threat, research makes several recommendations for the general public:
- Protect access to the Box with a strong complex personalized password, comprising letters, numbers, and special characters. When possible, do not use the “admin” login, but another less generic name. Also, remember to change the password from time to time.
- Check regularly that the router is running the latest firmware, and update it if necessary.
- For those with minimal technical skills in this area, regularly check the log files logged by the router to identify any abnormal behavior on the network.
- Only allow connections to the router from the local network by activating filtering by MAC address of known devices in the home.
In the end, the important thing is to never lose sight of the fact that the operator’s Box, or the router that connects you to the Internet, is not a trivial device. It is a sophisticated machine, with its flaws and capabilities for action, directly exposed to the Internet, which, if compromised, exposes all devices connected to it to attacks (PCs, tablets, smartphones, connected speakers, devices). home automation, smart devices, etc.) and all users.