A recent survey of 2,205 regular users has proven once again that most people don’t update router firmware, don’t change default credentials, and don’t generally know how to secure their devices.
For the past two-three years, there has been a deluge of news articles and research papers detailing large botnets built by exploiting router vulnerabilities and by hijacking devices still running default login credentials. These are the two main methods exploited by attackers.
The results of a survey carried out by fellow tech site Broadband Genie confirmed what most security researchers suspected, painting a clear and depressing picture of how careless or clueless some users are about keeping their router safe from hackers.
86% of respondents have never updated the router’s firmware
According to Broadband Genie, only 14 percent of the 2,205 respondents have updated their router’s firmware and only 18 percent have changed the device’s default admin account password.
That means that approximately five out of six routers are never updated with new firmware and four out of five devices run with factory credentials, becoming cannon fodder for modern botnets.
These botnets are known to aggressively mass-scan the Internet for new devices to infect, and unless internet service providers get involved in filtering the traffic that tries to exploit their router fleet, most of these devices are most likely infected with malware that has corralled them inside a botnet.
Users are confused by the settings, are clueless about security
Further, only 31 percent of users changed the WiFi network password (which is different from the router’s admin password), and only 30 percent checked the router’s admin panel to see what other devices are connected to their router.
All in all, more than half never —51 percent— did not do any of these things. The reasons why users didn’t bother with changing any of these settings are explained in the answers to a subsequent question.
According to Broadband Genie, 34 percent of respondents said they weren’t sure how to execute any of these operations, 6 percent said they could not find clear instructions to execute any of these operations, 3 percent said the software was confusing, and a whopping 48 percent said they didn’t know “why [they] would need to” change these settings in the first place.
The problem is on both sides
This latter set of answers shows failings on both sides of the “router problem.” First, device makers fail miserably at designing their software, and second, users show little interest in educating themselves about the devices they own.
To fix these basic shortcomings, router makers should be providing one-click interfaces for updating the device firmware, and default device passwords should be unique per device, preventing botnets from automating attacks.
Furthermore, devices need to ship with simple how-to guides containing basic instructions about how a user could keep his device secure.
Users should be clearly told that routers infected by a botnet usually work slower and lose their performance, as they also relay traffic for malicious actors. Users would then have an active interest in securing their device.
But until things change, users looking to keep malware off their routers can check out the Router Security portal for comprehensive how-to guides on properly configuring their devices, or alternatively this Vice piece.