Beware of compromised routers spreading malware. This is according to both Kaspersky Labs and a recently released government report.
Using hacked routers to spread malware is nothing new. Security insiders have known about it for years. However, since 2008, the number of instances where routers are being used to push malicious code has been steadily increasing.
Many devices susceptible to this are shipped insecure by default, under the assumption that once the end user purchases and installs them, they will update and secure the devices themselves. However, many are never updated or patched, ever. I don’t think in over 18 years I have ever had a client update the firmware on a product themselves!
Even worse, many users never even change the default IP address scope and password. Making that Huawei router you got on-sale a real “steal” (pun totally intended).
With so many new IoT devices coming online every day there really should be some sort of industry standard and auditing system, but there isn’t. I believe if organizations like ISPs (internet service providers) are purchasing a lot of home routers for commercial customers , or routers in general for all their customers, then they need to request the details of the security posture of those devices from their vendors.
They should also test those assertions to assure they are secured and do have an upgrade path. Otherwise they are just leaving thousands of customers unwittingly at risk because of a bundled package of internet, phone, TV and WiFi!
In short, I think it is pretty clear these days that no one is looking out for your security, that is up to you.
If you are running a small business it is even more imperative that you don’t trust your network and your clients data to some cheap product that you found online. At a minimum, consult with an IT company that does this sort of thing everyday, even if you don’t end up hiring them full time. The knowledge and advice they can give you is well worth paying for an hour or two of their time.