"Millions of Older Broadband Routers Have These Security Flaws, Warn Researchers"

A new investigation conducted by the consumer watchdog Which? in collaboration with security researchers, discovered the vulnerability of millions of old broadband routers used in the UK to hacking. Which? identified 13 older routers commonly used by consumers in the UK and found that nine of them do not meet modern security standards. The consumer watchdog estimated that up to 7.5 million users in the UK might be impacted. The vulnerable routers give attackers an opportunity to spy on users as they browse the Internet or redirect them to malicious websites. Some of the router models have not been updated since 2018 or, in some cases, since 2016. Sky's SR101 and SR102, the Virgin Media Super Hub and Super Hub 2, and TalkTalk's HG523a, HG635, and HG533 have been highlighted for their lack of updates. EE's Brightbox 2 has been discovered to contain a vulnerability that could allow a hacker to take full control of the device. In addition to a lack of regular updates, many of the older routers were found to come with weak, easily guessable default passwords. In an effort to increase the implementation of security in the design of devices, the UK's Department for Digital, Culture, Media, and Sport announced a new law that will prohibit manufacturers from using default passwords. The law will also require manufacturers to tell customers how long their devices will receive security updates as well as provide a public point of contact for security vulnerability disclosure. This article continues to discuss flaws found in older routers that are still commonly used by consumers in the UK and efforts to better protect consumers from cyberattacks. 

ZDNet reports "Millions of Older Broadband Routers Have These Security Flaws, Warn Researchers"