Security Market Segment LS
Tuesday, 29 May 2018 09:02

Singtel leaves routers open to attack by mistake

By

Singapore ISP Singtel opened up port forwarding to troubleshoot issues with some gigabit routers but then forgot to close the opened port after the problem was fixed. Result? Port 10000 was left open for attackers to gain full control of these routers.

NewSky Security research lead Ankit Anubhav, who discovered the open port and dubbed the issue ForgotDoor, said any router which had port 10000 open could be easily accessed and controlled by attackers. A total of 975 routers were observed to be vulnerable.

The password could be changed from the settings menu once one had access, with this being very simple if the default credentials had not been changed.

Anubhav said the routers were connected to multiple devices which meant that these devices too would be open to compromise.

News of the vulnerability was conveyed to CERT Singapore who informed Singtel to fix the issue.

Douglas Mun, deputy director in charge of SingCERT at the Cyber Security Agency of Singapore, was quoted as saying: "The ISP SingTel has disabled port forwarding to port 10000 for the affected routers. Root cause: Port forwarding was enabled by their customer service staff to troubleshoot Wi-Fi issues for their customers and was not disabled when the issues were resolved.

"ISP Singtel will be taking measures to ensure that port forwarding is disabled after troubleshooting has completed."

Anubhav said that one way to cut down on attacks was to let IoT devices connect via non-standard ports.

"For example, setting up SSH on an unusual port can save the device from a lot of brute-force attacks that are designed to attack the default SSH port (which is 22).

"However, this practice should never be considered as a replacement for basic IoT security. With easily available crawling scripts and services like Shodan, it is easy for attackers to find out such unusual ports being used."

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments