Yesterday I was honoured to attend my first School of Computer Science Industrial Advisory Board meeting at Birmingham University. Amongst the esteemed people I was mixing with I got talking at length to Andrew Watson from Object Management Group and the man behind no2id.net - a very convincing series of arguments on why the compulsory ID card scheme tabled by the Government is both impossible and a bad idea.
We got onto the subject of security (amongst other things), and I was shocked to hear about a very worrying new threat which could affect anyone with one of the new range of wireless routers. Got one? I suggest you read on.
If you are one of the many people who has bought a wireless (or indeed one of the wired versions) recently, you will no doubt have been given the option of changing the default administrator password when you set it up.
There are many people who ignore this, thinking it’s not necessary. Suffice to say that unless you want your personal data stolen and misused I advise you to log in to your router right now and change that password to something else.
By default, routers come with a default user of ‘admin’ and a standard password, either blank or ‘admin’, or other easy to guess words.
Some smart hackers noticed this trend and have created a Javascript which will allow them to gain access to all of your internet usage.
Here’s how it works:
1. You visit a site that is set up by a hacker, which includes a hidden Javascript.
2. The Javascript runs in the background when you load the page, and by default tries to access some of the common locations for your Router’s control panel - 192.168.0.1:80, etc.
3. When the script successfully finds a login page, it tries to log in to the router using standard factory setting usernames and passwords.
4. If it manages to get in, it then navigates to one of another standard list of locations for where the DNS servers are set. These are the servers which tell the Router where to ‘look’ for a given internet address, and translate things like ‘www.steflewandowski.com’ to ‘82.138.243.41′, which is then used to send requests for web pages etc.
5. It changes whatever DNS servers you have set up by default to DNS servers owned by the hackers. So let’s say for argument, to my server - 82.138.243.41
6. From then onwards, every single request you make to any web page, email program or anything else to do with the internet is then first sent as a request to that DNS server (in this case mine).
7. Then this is the clever bit. A couple of weeks later, when you log onto your internet banking site using your username and password, the hackers have cleverly set up a fake website that looks identical to your bank’s and all of a sudden the hacker has your username and password. The same thing could apply to your email account or any other sensitive site.
So - right now, go to your router’s control panel and change that password if you haven’t done so already…
More about this security issue here.
3 Comments
Just to add to this - if you have a wireless router and you don’t want other people to use it from parked cars outside your house then you’ll want so secure it. Most wireless routers default to no security or at best WEP. WEP is broken and effectively useless - so change to WPA-PSK (or WPA if you have the necessary bits and pieces).
Unfortunately, many WiFi enable devices (including quite a lot of mobile phones and home media systema) don’t appear to support encryption other that WEP… Ah well.
hi there im wondering if you could help me i cant get into my password settings for my wireless router im sure when i first put it in i didnt put in a password and ive tried admin and it still saying unauthorised please can you help me thanks ken.
@Ken - the default password may be on the bottom/back of the router or in the documentation that came with it. If that doesn’t work and you still need to get in, the only course of action is to press the Reset button on the router. You should be very aware of what you are doing there, you may lose vital settings to connect to the internet so make sure you have searched on Google for instructions, downloaded them, contacted your Internet Service Provider in advance to get reminders on any settings you may need.