Many people wonder why home networking equipment is often so fraught with security problems. They’ll hear stories on the news about large-scale attacks on people’s networks and wonder how this can be. There are several reasons why there are so many vulnerable routers:
Firmware is really the problem with vulnerable routers
When you look at a router, there are really two aspects to it: the hardware and the software. The hardware is all of the computer parts inside the case, while the software really runs the show. In a router, the software is properly called firmware, which is the usual name for software in an embedded system.
Software is notoriously difficult to write, and even software experts make mistakes, or bugs, when writing it. Often, these bugs seem rather minor, obscure or trivial. But these bugs also often allow hackers just enough breathing room to create a clever hack to exploit the system and allow them to do things that they shouldn’t be authorized to do.
Your router’s firmware is probably based on old software
Router vendors are businesses, and to make a good profit they spend most of their resources devising ways to lower the cost to produce the hardware. Software, despite the fact that it really runs the show, is often the neglected piece of the puzzle. Software is often developed as an afterthought and not given the attention it deserves.
In fact, much of the firmware inside of a router is based on popular software. However, old versions of this software are very often used. This means that if a hacker is aware of a known vulnerability in that software, the router is at risk.
Router firmware is complex to use
Router firmware is typically written by engineers for engineers. It uses terms and ideas that, frankly, the typical educated person is just not used to. This often leads to routers being poorly configured by the people who own them, simply because they don’t know any better. Would you click on a button that said “Click me and become a magnet for hackers around the world!”? Of course not, but there are many landmines like this in the typical router user interface, simply because people don’t understand exactly what they are clicking on.
Vendors don’t always fix their problems
When hackers find a vulnerability in a certain router, it’s always interesting to see what happens next. Usually it’s nothing. Well, of course, hackers try to exploit the vulnerability, but as for the vendors? Typically no response. Vendors are often too busy working on the next model to properly support all of the customers who’ve already bought their product.
But users don’t update their routers anyway
… and that’s the sad truth. While it’s easy to point fingers at vendors for not always providing firmware updates for their products, the truth is that in most cases it doesn’t matter because users won’t update their routers.
There are several reasons why this is. First, most people are completely unaware that their routers can even have firmware updates. Second, even when they are aware, there is no easy way to know when an update is released. And finally, the process of upgrading the firmware in your router is a bit difficult for a lot of people. Here’s a great video tutorial from D-Link that shows what’s generally involved.
Getting information in the Information Age is easy
Once someone has figured out a vulnerability in a certain router, disseminating that information to others is quick and simple. There’s a lot of sharing going on in the hacker community, often complete with computer code to exploit the problems.
Unfortunately, there are also backdoors
Backdoors are what software developers call security vulnerabilities that were written into the software code on purpose. Why would a developer do this? Well, sometimes it’s to make the development of the software easier, sometimes it’s to make the testing easier. The problem happens when the developer forgets about his backdoor and doesn’t disable it before releasing it to the public.
Other backdoors exist for more nefarious reasons. Sometimes unscrupulous developers will put a backdoor into a system so that they can gain access to it at a later date once it’s put into use. These developers are often later called convicts.
To read more about real world backdoors, you can look here.
And then there’s always the password problem
Finally, there’s the issue that’s probably the most responsible for router security problems: bad passwords. People notoriously use common passwords on their routers, or even worse, leave the default. This makes it uber-simple for someone to break into your network without even needing to rely on a router vulnerability.
To read more about problems with passwords, you can look here.