28% of them are exposed to critical or high security risks

Sep 27, 2018 09:25 GMT

A study published by The American Consumer Institute found that out of a sample of 186 home routers, 83% of them were exposed to security attacks because of known vulnerabilities in their firmware.

The study, which used Insignary's Clarity to scan for and detect potential vulnerabilities in the routers' firmware, discovered that every sample router was vulnerable to an average of 172 exploits, with a total of 32,003 vulnerabilities found for the 186 routers sampled.

What's even more worrying is that out of all the security risks found to affect the examined routers, 28% of them had critical and high-risk vulnerabilities, with an average of 36 high-risk and 12 critical attack vectors.

This is important to mention since critical and high-risk security flaws are a lot easier to exploit and can also cause significantly more damage than low- and medium-ranked weaknesses.

As detailed in the research (.PDF), all detected vulnerabilities had a CVE identifier in MITRE's public database, and some of the analyzed routers had more than one component exploitable using the same CVE identification number.

Routers and IoT devices become a more attractive and easy-to-compromise target every year

Although The American Consumer Institute's "Securing IoT Devices: How Safe Is Your Wi-Fi Router?" focuses only on home routers, the researchers also highlight the fact that Internet of Things (IoT) devices with an always-on Internet connection are an increasingly attractive target to threat actors.

The number of IoT attacks increased by 600% in 2017 alone, and home routers were the target in 33.6% of all detected incidents, according to Symantec's Internet Security Threat Report.

All IoT devices and routers exposed to high-risk or critical vulnerabilities can easily be compromised by attackers, which can lead to devastating data loss and even stolen identities.

"Wi-Fi router manufacturers are neglecting to update their firmware for known vulnerabilities, and the problem is likely more pervasive for other IoT devices. When these security lapses occur, firmware can be fairly easily exploited by hackers with nefarious intentions," says the study.