Home routers are open to attacks, as Huawei ‘backdoor’ shows

A security breach in Huawei routers points to a larger problem in your home.

Earlier this week, Bloomberg reported that home routers supplied by Chinese electronics giant Huawei to UK-based Vodafone had a way to bypass security, also known as a backdoor.

At a high level, this is a U.S. national security problem. The Trump administration, including the FBI and Department of Homeland Security, has repeatedly been saying at public forums that Huawei’s equipment is a vehicle for Chinese government espionage. Most recently, the U.S. is advising against the adoption of Huawei 5G hardware for the next generation of mobile networks.


But the vulnerability also points to a problem closer to home. Backdoors can allow hackers to break into your home router and get into any connected device in your home.

The problem lies in old firmware, default passwords, and a host of other configuration issues.

“Exploiting the poor, neglected computer inside these routers has become so popular and easy that automated tools have been created to make the process a breeze,” says a post at Null-Byte, a white hat hacker website.

After a hacker breaches the router’s Wi-Fi security and login page, then they typically target the software that controls the router, the so-called firmware. Then, in a process known as "rootkitting," a hacker drops custom, malicious firmware into the router.

“Depending on the goals and resources of an attacker, this can include spying on the user and any connected devices [and] injecting malware into the browser to exploit connected devices," the post said.

"The issues in Italy identified in the Bloomberg story were all resolved and date back to 2011 and 2012," a Vodafone spokesperson told Fox News, adding that Bloomberg's reporting is "incorrect" and there is "no evidence of any unauthorized access."

"The 'backdoor' that Bloomberg refers to is Telnet, a protocol commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet," the spokesperson added.

“In our experience, backdoors are very often found on home routers, regardless of the vendor,” Jimmy Jones, Telecom Business Unit Lead at Positive Technologies, an Internet security firm, told Fox News in a statement.

Jones said routers from D-Link, Cisco/Linksys/Netgear, TP-Link, Zyxel and other well-known brands have all been found to have backdoors. “So there’s no need for consumers to be any more worried about Huawei routers than any others,” he added.


How to protect yourself

Research from Avast, a cybersecurity firm, shows that approximately half of users have never logged into their router’s administration page and more than 70 percent have never updated their routers’ firmware.

Jones said it's always advisable to update your router since old routers tend to be the most vulnerable. “Routers should be periodically changed, because vendors rarely support devices that have been removed from sale."

Avast suggest steps such as installing your router in a safe place “where the wireless signal is available only inside your own house. Avoid placing it near a window.”

“Once we stop seeing our routers as part of the furniture, we can turn our attention to keeping them as...secure as possible,” Kevin Townsend wrote in an Avast blog post.

Other suggestions include: turn off the older WPS security setting and turn on WPA2 encryption, change the default admin username and password to a strong password, upgrade your router firmware, don’t’ forget to log out after managing the router and disable remote management of the router over the internet.