Default Configs - The Original Sin

It is with deep regret that I announce the security atrocities being committed by Internet Service Providers. These ISPs sell broadband solutions and adopt no element of security on their part.

My story: I recently purchased a popular broadband router modem because of its reputation for being very fast. I had a member of the company's staff set it up for me. I actually thought that the setup would include some basic security advice on how to manage my modem, but that was not the case: the staff member just changed my SSID to the name I wanted, and THAT'S ALL.

These were the settings untouched:

1) Username and password to log into the management console of the router. The default was (user:user)...jeeeezzzz.

2) The Wireless security protocol: It was left on WEP, instead of using the more secure WPA/WPA2.

3) The default wireless password is the MAC address of the router, which is written on the carton enclosing the router.

There are a lot of these routers where I live (from a wireless scan), and it is these default configurations that are on them.

I had to change these settings myself, and I must admit they were not easy to find. I had to look around on almost every page to find where I could change my wireless network password.
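Added example, not part of the original post: a Python check of a router's settings against the three defaults listed above. The dictionary keys, the extra login pairs and all sample values are assumptions constructed for illustration, and the passphrase check goes slightly beyond the post by also flagging passphrases made of six or more consecutive hex digits of the MAC.

```python
import re

# user:user is the default the post reports; the other pairs are assumed
# additions for illustration. All sample values below are constructed.
DEFAULT_LOGINS = {("user", "user"), ("admin", "admin"), ("admin", "password")}

def hex_digits(value):
    """Lower-case hex digits only, so 02:00:5E... and 02005e... compare equal."""
    return re.sub(r"[^0-9a-f]", "", value.lower())

def passphrase_from_mac(passphrase, mac):
    """True if the passphrase is the MAC, or 6+ consecutive hex digits of it."""
    mac_hex = hex_digits(mac)
    if len(mac_hex) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    # A passphrase containing anything but hex digits and separators is not MAC-like.
    if not re.fullmatch(r"[0-9A-Fa-f:.\- ]+", passphrase):
        return False
    candidate = hex_digits(passphrase)
    return len(candidate) >= 6 and candidate in mac_hex

def audit(settings):
    """Return a finding for each of the three defaults that is still in place."""
    findings = []
    if (settings["admin_user"], settings["admin_password"]) in DEFAULT_LOGINS:
        findings.append("default-admin-login")
    mode = settings["wifi_security"].strip().upper()
    if mode in ("", "NONE", "OPEN") or mode.startswith("WEP"):
        findings.append("weak-wifi-security")
    if passphrase_from_mac(settings["wifi_passphrase"], settings["mac"]):
        findings.append("passphrase-derived-from-mac")
    return findings

# Constructed settings: the router as delivered in the post, then after changes.
AS_DELIVERED = {"admin_user": "user", "admin_password": "user",
                "wifi_security": "WEP", "mac": "02:00:5E:10:20:30",
                "wifi_passphrase": "02005E102030"}
HARDENED = {"admin_user": "user", "admin_password": "Vq7!mose-Radial-41",
            "wifi_security": "WPA2-PSK", "mac": "02:00:5E:10:20:30",
            "wifi_passphrase": "tidal quartz 93 lantern"}

if __name__ == "__main__":
    for name, cfg in (("as delivered", AS_DELIVERED), ("hardened", HARDENED)):
        print(f"{name}: {audit(cfg) or 'no findings'}")
```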

How negligent can we keep getting about security? In a society where there is a rapid rise in the deployment of all sorts of technologies, we have to adopt the security habit. Just like we lock our doors or gates when we go to bed, or even our car doors when we leave the car, we must build that habit into everything around us. A huge part of the populace does not know the implications of a cyber breach (a security breach of your cyber-environment). This can be verified from the wireless survey carried out by one of the Big 4 consulting firms (Deloitte), which shows how a lot of wireless points have insecure configurations.

Unlike physical security breaches, cyber breaches are hard to detect, and it is very easy to fall prey to them. Wireless networks are significantly flawed, and numerous research articles have shown that there are a lot of security misconfigurations.

Ease of security breach:

1) Firstly, we try to get into the network. This involves trying to decipher the password. It can be done in two ways: social engineering, and automated capture and offline cracking.

Social engineering: This is the deceptive act of obtaining sensitive information from a victim. Since these passwords are actually written on the packs of the router, through social engineering an attacker could easily leverage the victim's trust and gain physical access to the router, thereby obtaining the default password.

Automated capture and offline cracking: Since the default wireless protocol is WEP, one can easily use readily available tools (the aircrack suite of tools is an example) and remotely obtain the password of the wireless network.

2) Once you obtain the above password, the rest is a piece of cake: you can access the management console, gain access and route the victim's traffic to your machine.

If these steps happen, it will take the grace of God for you to detect that something is wrong. Your internet banking details and social networking profiles are at high risk.

Thousands of these routers have been deployed, and I can bet that this is the status quo on most of them. It is the responsibility of the ISPs to create awareness of the security of their products, and they should start living up to it, since they are the ones that set it up most times.
