The Home Router as Part of the Attack Surface

As a company’s number of remote employees grows, so does its attack surface. Researchers working for CYR3CON recently evaluated vulnerabilities associated with 343 common home routers spanning 24 different vendors.

The home router is perhaps an even more concerning piece of the attack surface for remote work largely because of these three reasons:

1. Home routers are often configured with default settings by
consumers – as opposed to corporate IT teams (with the
possible exception of executives in some firms).


2. Router manufactures often employ older operating systems
and many are slow to issue firmware updates with patches5
.
3. Attacks to the home router are typically an earlier phase of an
attack – for example the router may misdirect the user’s traffic to
a malicious website that will launch the next phase of the attack.
As such, the security team will attribute the attack to phishing or
some other vector as opposed to the home router.

Watch the latest video from our CEO and consider your next move as you address this threat from the expanded attack surface that now includes your employees' home routers. 

The Home Router as Part of the Attack Surface

Download the full report for a detailed analysis of the threat as well as a look at the anatomy of a home router attack.