Russian Hackers Go After Home Routers to Hijack Internet Traffic
UK security officials warned that Russian military intelligence has been (as in actually occurring now) compromising vulnerable home Internet routers to hijack web traffic and spy on home users.
They say this is a broad and ongoing cyberespionage campaign.
Why? Because home and small business users do not have the expertise and so they are easy targets. They have bad security settings configured by their Internet providers to reduce tech support calls and not to keep their customers secure.
Think about this for a minute. Let’s say your home router is compromised. They use that router to route all your traffic through Russia. That includes, of course, if you work from home, your work traffic. They implement a man-in-the-middle (excuse me, person-in-the-middle) attack which allows them to decrypt all of your traffic, which includes, of course, your online banking credentials and your work network and vpn passwords. And, they use that connection to launch attacks against your neighbors.
The group, often called Fancy Bear (Bear is the tail that is used to describe Russian hackers), is “almost certainly” Russia’s GRU, according to GCHQ, theUK’s equivalent of our NSA – military signals intelligence.
This is the same hackers that last year 20 different intelligence agencies said were hacking multiple western logistics and technology firms. Successfully.
The alert said that the group was targeting TP-Link routers. TP-Link is a very common small business and home router. That does not mean that these are the only routers being hacked and it also doesn’t mean that Russia is the only country doing the hacking.
Think about this.
How long have you had Internet where you live?
When was the last time your Internet provider replaced your hardware? Likely never. Why? because (a) that would cost them money and (b) they are not liable if you get hacked. So why spend the dough.
You, of course, can look up the model on Google and see if it is still supported (likely not) and raise hell with your Internet provider to get them to replace it.
Likely also, they never apply patches to that router either.
Depending on your level of concern there are a couple of simple things you can do if you to mitigate the threat. Feel free to contact us for assistance.
Credit: The Record
by 