Indians lack knowledge about router security practices, which makes them vulnerable to cyberattacks that are designed to gather sensitive information, according to a report.

The research report was based on the survey carried out by the digital security service provider Avast in July 2018 covering 1,044 consumers in India on their knowledge on router security, according to a report.

The research report stated that around 32 per cent of people have never logged into the web administration interface to change the factory login credentials. About 23 per cent have logged into their router’s web administration interface but continue to use the default login credentials their router came with. Only 44 per cent change the login credentials.

Of those who logged into their router’s web administration interface, 65 per cent surveyed have never updated their router’s firmware.

About 33 percent of Indian consumers admitted to logging into their router’s interface once a year or less to check for updates, while 39 per cent said they had no idea their routers even had firmware - the pre-programmed software etched into hardware which requires updating to incorporate security patches.

According to the report, an estimated seven lakh routers around the world were diagnosed as vulnerable to malware with SSL stripping capabilities last May. Known as VPN Filter, this modular malware contains man-in-the-middle (MiTM) attack capabilities designed to inject malicious payloads into web traffic.

It has the capability to scan incoming and outgoing web traffic on the user’s network to collect passwords and other sensitive information. To date, routers in 54 countries are affected, including Linksys, NETGEAR, D-Link, Huawei and Asus models.

“An individual’s local network is only as strong as the weakest link in the chain, and more often than not it is the router that is the greatest point of vulnerability,” said Martin Hron, Security Researcher at Avast, in a press statement.

“The router is frequently misunderstood or overlooked, but it’s arguably the most important device as it acts as the gateway to the internet,” Hron stated.

By connecting multiple devices and allowing them to share data with one another while managing incoming and outgoing web-traffic, it’s a natural target for people want to gather sensitive personal information, such as bank login details, and exploiting the devices paired to it.

“As a bare minimum, people should be changing the default user names and passwords on their routers as soon as they’re installed, and pro-actively check for firmware updates,” Hron added.

social-fb COMMENT NOW