Approximately five out of every six home WiFi routers are inadequately updated for known security flaws, according to a study conducted by The American Consumer Institute Center for Citizen Research (ACI).
Key findings from the ACI study of 186 WiFi routers from 14 different manufacturers included:
- Researchers discovered 32,003 known security vulnerabilities.
- 155 WiFi routers (83 percent) were found to have vulnerabilities to potential cyberattacks.
- 28 percent of WiFi router vulnerabilities were considered "high-risk and critical."
- The most-common vulnerabilities were considered "medium-risk," with an average of 103 vulnerabilities per WiFi router.
WiFi router manufacturers often do not provide user-friendly ways for consumers to update firmware or build security protocols into their devices as an unnecessary expense, ACI indicated. Meanwhile, consumers who try to update their router firmware might download outdated code that fails to protect their devices against malware, ransomware and other advanced security vulnerabilities.
Firmware: Here's What You Need to Know
WiFi router firmware is software that controls the device's basic function, ACI pointed out. Passwords often are embedded in firmware, and as such, the software plays a key role in WiFi router security.
Some WiFi router manufacturers provide automated firmware updates, but consumers rarely consider installing firmware updates on their routers, according to ACI. In fact, consumers are generally unaware of potential security vulnerabilities associated with their WiFi routers.
Ultimately, automated firmware updates represent "the most feasible option" to safeguard passwords and other critical information stored on WiFi routers, ACI said. Yet consumers sometimes ignore automated updates or have outdated firmware on older routers that increases consumers' susceptibility to cyberattacks.
Cybercriminals Increasingly Target IoT Devices
In addition to WiFi router attacks, cybercriminals are increasingly launching cyberattacks against Internet of Things (IoT) devices, ACI noted.
IoT attacks rose 600 percent year over year in 2017, according to the Symantec "2018 Internet Security Threat Report." Also, cybercrime damages are projected to reach $6 trillion by 2021 due in part to a potential rise in IoT attacks globally, research firm Cybersecurity Ventures indicated.
How to Prevent WiFi Router and IoT Device Attacks
WiFi router and IoT device manufacturers must commit resources to identify and mitigate open source vulnerabilities on their devices, ACI stated. At the same time, consumers must identify and address potential WiFi router and IoT device threats that could compromise their personal data.
MSSPs also can help organizations prevent WiFi router and IoT device attacks. These services providers can partner with organizations, teach them about various WiFi router and IoT device dangers and offer services and support to address such issues.