Virgin Media have developed and distributed a security patch for their Super Hub home routers after a potentially serious security flaw was uncovered by cyber security consultancy ‘Context Information Security’.
What Security Flaw?
The flaw lay in the encryption key used by a feature that was designed to allow users to make encrypted back-ups of their custom configurations, e.g. port forwarding and DNS settings. The problem was that all Virgin Super Hubs were found to have exactly the same private encryption key.
What’s The Big Deal?
The Super Hub routers ‘Super Hub 2’ and ‘Super Hub 2 AC’ (made by Netgear) are the standard home routers used by one of the UK’s largest ISPs, and they are, therefore, used in millions of homes (and small businesses) across the UK. A common security flaw in all of them, which (it is believed) could be exploited by cyber criminals using a relatively low-tech, low-cost method, could represent a major security risk for millions of people.
What Could Happen?
On an unpatched router, and with access to the administrative interface, a cyber criminal could potentially download the router’s config file (the file containing the parameters and settings for the device), add their own instructions to that file, and upload it to the router again. The instructions they write in could, for example, allow them remote access to the router. This could, therefore, mean that all traffic to and from a person’s / household’s / business’s devices (PC, phone and tablet) could be monitored, and personal data / details could be stolen, e.g. payment details and passwords.
How Was The Flaw Discovered?
It is not uncommon for researchers from cyber security companies to test popular devices and programs for possible flaws, and then to report the flaws to the developers / distributors of the products. The discoveries made can often benefit the cyber security company in terms of good PR as well as benefitting the developers and the users of the products.
In this case, researchers from the cyber security consultancy managed to gain administrative access to the Virgin routers by reverse engineering the software for them.
Reported & Patch Produced
After discovering the security flaw, Context shared its findings with Virgin Media, who were then able to produce a patch for the routers.
What Does This Mean For Your Business?
If you already have a Virgin Super Hub router, it will have been patched automatically as part of a scheduled firmware update at the end of May this year. If you are about to get / have just got a new Virgin Super Hub router, you will be pleased to know that the patch / update is included with it.
This story confirms that, even with popular IT / connectivity products / technologies, there are still security flaws that could put your valuable personal data at risk. This has long been a fear, for example, with many household IoT devices too, where the advice has been to make sure that the default password is changed. Devices with common keys / passwords make it much easier for criminals to launch large-scale attacks.
The only thing we can really do is to make sure that our basic online / data security measures, practices and policies are kept up to scratch, are adhered to, and that we remain vigilant.