07/10/2020

Daily Buzz: Tell Your Employees to Check Their Router’s Firmware Security

Home routers are affected by hundreds of security vulnerabilities

Want to protect your remote employees from cyberattacks? Tell them to check their home routers, which could be leaving them vulnerable.

ZDNet reports that Germany’s Fraunhofer Institute for Communication (FKIE) carried out a study involving 127 home routers from seven brands—Netgear, ASUS, AVM, D-Link, Linksys, TP-Link and Zyxel—to check for the presence of known security vulnerabilities in the latest firmware.

The results? Appalling, writes ZDNet’s Liam Tung. The study found that 46 routers hadn’t gotten a single security update within the past year and that many routers are affected by hundreds of known vulnerabilities. About 90 percent of the routers in the study used a Linux operating system, but manufacturers weren’t updating the OS with fixes made available from Linux kernel maintainers.

On top of that, the study found that vendors who are shipping firmware updates are doing so without fixing known vulnerabilities, meaning even consumers who install the latest firmware are not safe.

“The bottom line … is that you should research [manufacturers] before purchasing your next router, and see what their track record is like with respect to security updates and firmware upgrades,” said Brandon Hill on HotHardware. “Don’t let attractive pricing take your eye off the ball.”

FKIE assessed that ASUS, Netgear and particularly AVM do a better job on some aspects of securing routers than D-Link, Linksys, TP-Link and Zyxel, but urged the industry to do more to keep users safe.

“To sum it up, much more effort is needed to make home routers as secure as current desktop or server systems,” the report says.

Please select this link to read the original article from Associations Now.