Seventy-seven Cisco router models vulnerable

Alex Zaharov-Reutt
Wednesday, 21 February 2007 10:34

Business IT - Security

It's not a case of the lucky sevens for Cisco - 77 of their routers are vulnerable to the threat of drive-by pharming too! Which networking company will be next?

In an advisory posted at Cisco’s website, 77 models of Cisco router are identified as being susceptible to the drive-by pharming attack that was exposed earlier this week by Symantec researchers.

The attack can be launched through malicious code on websites that can reach into your router and modify its settings, exposing you to phishing attempts to get your banking username and password, other login information or other data on your computer – but only if the default username and password haven’t been changed.

Once the username and password have been changed, the drive-by pharming attack won’t work – unless hackers try to use some form of brute force attack to guess your username and password. But for now, that’s more difficult to do or hide.

All-in-all, Symantec’s report has done us all a favor. It has once again brought the crucial importance of security front-and-center into our minds, and will hopefully cause as many people as possible to ensure that no default usernames or passwords are used, anti-phishing technology like Trustdefender www.trustdefender.com is deployed, the latest 2007 Internet Security software is installed and passwords are changed on a regular basis.

And while we only know that Netgear, D-Link, Linksys and now Cisco are affected, chances are that all routers still with default usernames and passwords are at risk.

So... security by obscurity or an attitude of ‘it’ll never happen to me’ is never a good defense. If you’re unsure about your own PC and Internet security status – doing something about it now, before it's too late, and you have to spend good money and time getting back to secure status.