Internet security research group Team Cymru released a report earlier this year showing that over 300,000 small office/home office (SOHO) home routers have been compromised at several locations across the globe.
The security concern, caused through a loophole in their software, is thought to be the biggest of its kind, although Team Cymru didn’t speculate on what the hackers intended to do with all of the controlled routers.
Has your router been compromised?
The answer is vague, but considering the numbers you’d be very unlucky to be amongst the victims.
This image from the Team Cymru report is a visualisation of all the routers that were discovered to be hacked. As shown, the highest affected country was Vietnam, followed by Italy and India. 17 countries were shown on the graph, but the UK was, fortunately, not one of them, so we can hope that everyone is relatively safe for now.
Affected routers changed their internal instructions so they no longer used their owners’ ISPs for help finding the sites they visit. This means that the cyber criminals could add adverts and malware into those sites without being flagged up by security.
Despite having the ability to use these routers for malicious means, it appears that no action was taken by the unidentified attackers.
Team Cymru member Steve Santorelli told the BBC that ‘It’s a definite evolution in technology – going after the internet gateway, not the end machine. We see these leaps in concepts every few years in cybercrime.’
UK security concerns
This isn’t the first time this year that the security of routers has been questioned. In January, the BBC reported on a large concern from EE that a large number of their broadband boxes from customers buying into their broadband from 2012 were susceptible to remote access, although nothing was said on whether or not they had been.