Between your home network and the internet sits your broadband router. This humble device is often overlooked, yet it is also your first line of defence against hackers, malware and viruses.
It’s easy to assume that the latest firmware for your router will provide protection against cyber threats. However, our new research has found that even the latest broadband router firmware remains dangerously vulnerable to attack.
Firmware is the operating system and software that controls all the features of your router, from the blinking lights and configuration options, to advanced network security features. Similar to any desktop operating system, firmware can contain thousands of system files, any of which may contain security vulnerabilities.
Just like any software you would install on your laptop or personal computer, it needs to be maintained and updated frequently to mitigate known security vulnerabilities. Unfortunately, we have found that even the latest firmware contains security holes.
To test how secure these devices really are, we extracted the firmware from 37 currently available broadband routers. We then reverse engineered the firmware to analyse components such as the operating system, system libraries and executable files. This allowed us to construct a comprehensive database of devices, software versions and known vulnerabilities.
We found that 90% of the components analysed were more than six years old. In every firmware we found…