As 2016 was winding down to an end, we warned you about the top three cybersecurity threats that will plague the upcoming year. Ransomware was at the top of the list, but a close runner-up was a new form of cyberattack that we’ve only just received a glimpse of.
They’re called DDoS attacks, or Distributed-Denial-of-Service attacks, and lackluster security for private home routers is one of the key ways hackers execute them. Weak passwords, outdated firmware and other gaps within your network leave the back door open for hackers, so to speak, allowing them to infect your smart home devices with malware.
It’s not just your computer that’s at risk anymore. Printers, DVRs, webcams, security cameras, baby monitors, smart TVs, etc., can all be infected these days.
Now, the Federal Trade Commission is warning that D-Link routers and security cameras could have been contributing to this problem for quite some time now. The FTC has filed a complaint, stating thousands of individuals have been put at risk due to significant gaps in security.
These gaps, according to the report, are well known and “easily preventable flaws,” that could allow hackers access to your private home network.
According to the FTC complaint, D-link has failed “to take reasonable steps to protect their routers and IP cameras from widely known and reasonably foreseeable risks of unauthorized access.”
The FTC is claiming that D-Link has failed to do software testing and measures to protect the said products against widespread and preventable flaws like hardcoded login credentials, backdoors and man-in-the-middle command injection flaws.
Moreso, the company failed to safeguard their software public key leading to the exposure of the key to the public for about six months.
D-Link is also being accused of failing to secure their users’ mobile login credentials and have stored said credentials in plain text on mobile devices.
D-Link has denied the claims made by the FTC, however, we doubt the FTC would make such allegations without reason. The fact that the FTC has singled out D-Link is also cause for concern.
In a world where DDoS attacks are becoming a larger threat, it’s likely that the FTC is simply nudging manufacturers to incorporate greater security measures into their products.
For now, however, we can’t recommend that you use D-Link routers or security cameras. Here’s a list of three alternative router options.
This story also brings to light the importance of securing your home router, regardless of the brand. Click here for three reasons your router might need an upgrade, and follow this tip to keep hackers out of your private home network.