Securing Your Routers Against Mirai and Other Home Network Attacks
Do you know if your router has turned into a zombie? It could be part of a botnet responsible for the DDoS attacks that have been taking down company websites.
Last year, the Mirai botnet launched massive and widespread attacks by leveraging vulnerable connected devices (including routers, CCTV cameras, DVRs etc.) and turning them into weaponized zombies. Dyn servers were hit, with notable sites like Twitter, Airbnb, and Netflix badly affected. Mirai, whose source code was leaked last September, has since gained worldwide attention and has also played a significant role in proving the real-world impact of threats against IoT devices.
While attacks from the Mirai botnet are hard to spot in your own home network—since its effects are minimal on your bandwidth resources—the implications of such attacks
Think of your routers as a doorway to your home. The information from all the connected devices pass through your routers and then to the internet. Similarly, inbound data also go through the router and then back to your device again. There are also some router models that have various features such as telephony services, media server, wireless access points etc. They are comprised of an operating system (OS), hardware, and web applications.
How vulnerable is your router?
Many risks arise from when people
Routers often come with
It is highly recommended for users to change
- Security flaws as the entry point to your home network
Like any hardware, routers also have vulnerabilities that can introduce malware to your home network. To exploit such vulnerabilities,
These security flaws, when exploited, can put confidential information in the wrong hands and allow attackers to launch denial of service (DoS) attacks, prevent users from using the internet, and change the DNS server settings. For small and medium-sized businesses (SMBs), this could result
- Post-compromise threats
Once your home network gets compromised, it becomes prone to DNS-changing malware and botnets among other threats. Another risk you need to consider is VoIP fraud, which occurs when attackers use the telephony service and conduct unauthorized calls to other countries, leaving you with exorbitant charges.
Why are your routers a big target for cybercrime?
Selling your information is just one of the means for cybercriminals to generate profit. Other ways include monetizing and offering DDoS services and botnet rentals in underground markets. To illustrate this, renting 100 bots in the Chinese underground is pegged at US$24 in 2015; in the French underground last year, botnet rental of 100-150 bots per day is at €95 (or US$102.19).
How can you secure your router?
Users need to protect routers to help stop cybercriminals from using these devices for malicious means and to minimize the other risks we highlighted in this article. The first step to securing your gateway to the internet begins by choosing a reliable and secure router. For starters, this means never purchasing used ones. It is also recommended to opt for routers that have a security solution embedded in them.
Recently, Trend Micro partnered with ASUS to better protect users from IoT-related threats like Mirai. ASUS wireless home routers are now pre-installed with the Trend Micro™ Smart Home Network solution, which has web protection and deep packet inspection capabilities.
For a more secure home, users can also take advantage of the Trend Micro Home Network Security solution that provides additional protection against cyberthreats to connected smart devices inside a household.
To know more on how cybercriminals abuse routers and how home users and SMBs can protect themselves, check out our comprehensive guide, Securing Your Home Routers: Understanding Attacks and Defense Strategies.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Exposed Container Registries: A Potential Vector for Supply-Chain Attacks
- LockBit, BlackCat, and Clop Prevail as Top RAAS Groups: Ransomware in 1H 2023
- Diving Deep Into Quantum Computing: Modern Cryptography
- Uncovering Silent Threats in Azure Machine Learning Service: Part 2
- The Linux Threat Landscape Report