Notice to UMB Cardholders Click here if you recently received a replacement card as a result of a potential compromise.

Securing your router and IP address is vital to stopping cyber attacks.

Protecting your business from wireless attacks

Posted on 3/11/14 4:21:00 PM

The business protection plan you've installed means little if you aren't carrying out some routine adjustments, according to Tripwire, a leading global provider of risk-based security and compliance management solutions.

Tripwire recently surveyed 653 IT and security professionals and 1,009 employees across the country who work remotely in the United States and United Kingdom. Its research shows that vulnerabilities are prevalent across the entire Small Office/Home Office (SOHO) wireless router market.

Craig Young, security researcher for Tripwire, reported that his company's Vulnerability and Exposure Research Team (VERT) analyzed the security of the most commonly purchased wireless routers and found many of the best-selling SOHO wireless router models possess some sort of security deficiencies.

Tripwire reported 80 percent of Amazon's top 25 best-selling SOHO wireless routers have security issues.

"VERT's research and SANS recent discovery of 'The Moon' worm currently infecting exposed Linksys routers indicates that threats to routers will continue to increase as malicious actors recognize how much information can be gained by attacking these devices," Young said. The SANS Institute is a private U.S. company specializing in internet security training

The report also stated 34 percent of the 50 best-selling routers have publicly documented shortcomings that make it simple for attackers to tap into systems.

"Unfortunately, users don't change the default administrator passwords or the default IPs in these devices and this behavior, along with the prevalence of authentication bypass vulnerabilities, opens the door for widespread attacks through malicious websites, browser plugins, and smartphone applications," Young added.

Key discoveries
Not enough people are changing their passwords, according to the survey. Approximately 30 percent of IT professionals and 46 percent of employees do not change their default administrator passwords on their wireless routers. Tripwire said this is one of the major business protection concerns, as attackers can easily bypass the standard configuration of the device without a change in password.

More than half of all IT professionals respondents and a whopping 85 percent of employees never change the default IP address on their wireless routers, which also makes it much easier for cyber attackers to strike a company.

According to PC World, your Internet address is just as easy to find as your street address. In order to find your own public IP address, check out Your address will be show in bold letters. That goes for the standard consumer as well as a business.

If someone gains control of your router, they can open and resend any sort of traffic anywhere they choose.

Additionally, 43 percent of IT professionals and 54 percent of employees use Wi-Fi Protected Setup (WPS), an insecure standard that makes it relatively easy for attackers to learn about a router's encryption password, according to the report.

Keeping software up to date
More than half of IT professionals and nearly six of 10 employees don't update the firmware on their routers to the latest editions. This is vital to helping keep security upgrades up to date, as it safeguards your information. Some router vendors don't offer additional protection, but many - like Linksys - do, and the information is available through their website.

Karen Sohl, a spokesperson for Linskys, told PC World that their customers should be aware of a few things to help strengthen their security.

"Customers who have not enabled the Remote Management Access feature [on these devices] are not susceptible to this specific malware," Sohl said. "Customers who have enabled the Remote Management Access feature can prevent further vulnerability to their network by disabling the Remote Management Access feature and rebooting their router to remove the installed malware. Linksys will be working on the affected products with a firmware fix that is planned to be posted on our website in the coming weeks."