Skip to main content

Dan Geer: Home routers a clear and present danger

posted onAugust 7, 2014
by l33tdawg

During his keynote and a press conference that followed here at the Black Hat information security conference, In-Q-Tel Chief Information Security Officer Dan Geer expressed concern about the growing threat of botnets powered by home and small office routers. The inexpensive Wi-Fi routers commonly used for home Internet access—which are rarely patched by their owners—are an easy target for hackers, Geer said, and could be used to construct a botnet that "could probably take down the Internet." Asked by Ars if he considered home routers to be the equivalent of critical infrastructure as a security priority, he answered in the affirmative.

Geer spoke about the threat posed by home routers in advance of "SOHOpelessly Broken," a router hacking contest scheduled for the DEF CON security conference later this week sponsored by the Electronic Frontier Foundation. "Because they are so cheap, you can get a low-end router for less than 20 bucks that hasn't been updated in a while," Geer explained.

Attackers could identify vulnerabilities in particular models and then scan the Internet for targets based on the routers' signatures. "They can then build botnets on the exterior of the network—the routing that it does is only on side facing ISPs," he said. "If I can build a botnet on the outside of the routers, I could probably take down the Internet."

Source

Tags

Hardware Security Networking

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th