Being forced to make changes to your hardware that seems to be working fine can be a bitter pill to swallow, but not as bitter as losing personal or critical data. Netgear is one of many manufacturers that build routers intended for home users and sell big numbers, that makes them a prime target for hackers. The same goes for D-Link, Linksys and TP-Link – all have their own technical advisory pages.
Recently there have been a couple of fairly significant vulnerabilities to routers exposed that leave home users at risk. Unfortunately — and yet quite understandably from a business perspective — these issues will never be fixed on some routers.
What are the vulnerabilities?
The recent issue that affected Netgear routers (it’s not just Netgear that suffer issues, it’s simply a recent and good example) was discovered by the Zero Day Initiative (ZDI). The vulnerability meant that hackers could effectively take control of the router and as a result “sniff” any data that flows through it… bad news!
Unfortunately for users of that hardware, there’s a recently updated list of over 45 Netgear routers that will never see a fix for these issues. In fairness, similar to the Sonos issues of earlier this year, it’s not a fair or realistic option for a business to continue providing updates to hardware that is years old and well outside warranty. To get a closer look at the list, head over to the Netgear Security Advisory page where you can search by the model number of your router, or if you’re interested search for the phrase “outside support period”.
The reality is a lot of these types of issues are found, patched and the severity never “common” knowledge outside of the manufacturer’s security teams. This is smart as there will be some users who don’t know they should, let alone how to upgrade the firmware on their routers. Newer models overcome this with automated firmware upgrade options available which you can select at setup, but what about older models?
How do I update my firmware?
While from brand to brand, sometimes between models the specific details will differ slightly the process is similar. You’ll need to start by logging into your router and if you’re not sure what the IP of your router is open a command prompt and type in ipconfig. This will show you a stack of information, but what you want is the default gateway.
That’s the IP address to type into your router, then use your login and password to get in. Firmware upgrades are commonly done through the administration panel, with a “Check for update” button. It’s a very simple process to follow, you just need to know — and understand why — it needs doing.
Are there options other than replacing hardware?
The short answer is, of course, yes but in some cases, you’ll need a stack of technical know-how to achieve a positive outcome. Both OpenWRT and DD-WRT are pretty viable options to replace your routers vulnerable firmware.
NB. There is a danger in doing this, like rooting or installing custom ROM on your phone that you could potentially brick your router.
The issues with third-party firmware include the loss of all settings when you flash your router, potential loss of some functionality and unfortunately… the reality that there may not be a suitable option for your router.
If your router is vulnerable, take action!
Make no mistake, while the risk is not huge it’s very real. If your router becomes compromised it’s likely you won’t even know until it’s too late. A simple case of keeping your router updated — as you really should with any connected hardware — could save you massive heartache of losing precious data, access to accounts or even financial loss.
If your router is vulnerable without available updates, with no third party options (or you don’t want to take that path) then you’ve really only got two options:
- Accept the risk and continue using it
- Throw it out and buy a new router
We’ve looked at a number of viable options recently across a variety of budgets including D-Link, Netgear and currently on the test bench Asus. Have a think about whether you need a router or a Mesh system and take a closer look at your options.