Computer security firm Tripwire has released a new report on the current state of security for home and small office routers. This report on home routers contains findings from a survey of 653 IT professionals and 1009 employees who work remotely in the US and UK. What they found should not be surprising if you’ve been following our website:
This research strongly shows that critical security vulnerabilities are endemic across the entire SOHO wireless router market, and a surprising number of IT professionals and employees who work remotely do not use basic security controls to protect their wireless routers.
Some of the details of the research include:
- 80% of Amazon’s top 25 best-selling SOHO wireless router models have security vulnerabilities.
- 30% of IT professionals and 46% of employees do not change the default administrator password on their wireless routers.
- 55% of IT professionals and 85% of employees do not change the default Internet Protocol (IP) address on their wireless routers.
- 43% of IT professionals and 54% of employees use Wi-Fi Protected Setup (WPS) – an insecure standard that makes it simple for attackers to discover a router’s encryption passphrase, regardless of its complexity or strength.
- 52% of IT professionals and 59% of employees have not updated the firmware on their routers to the latest version.
So there it is in detail, things that we’ve known in theory really laid out in detail. If any of this is surprising, it’s that the numbers for “good” behavior are higher than expected.