Beware of compromised routers spreading malware. This is according to both Kaspersky Labs and a recently released government report.
Using hacked routers to spread malware is nothing new. Security insiders have known about it for years. However, since 2008, the number of instances where routers are being used to push malicious code has been steadily increasing. Researchers are observing marked increases in their use by APTs (Advanced Persistent Threat) around the world.
APTs are nothing new either, although their ranks have been growing in recent years. Many are state-sponsored hacking groups with virtually unlimited resources. Some are simply tight-knit groups of hackers banding together under a single banner.
Many people view hackers as lone wolves and that there are millions of lone wolves hacking networks across the globe. Increasingly though, these are becoming minor actors on the world stage. The real threat is now well-organized groups of hackers who can execute highly coordinated globe-spanning attacks and create botnets comprised of tens, or even hundreds of thousands, of compromised computers.
In addition to identifying and calling attention to a little-known attack vector, the recent announcement underscores an important weakness in current cybersecurity thinking. Most people are still laboring under the faulty assumption that they’re facing individual hackers operating out of a dark room in someone’s basement.
While those types of threats are no doubt present, it’s false to assume that’s where the biggest danger lies. If you get hacked, it’s just as likely (perhaps even more likely) that you’re actually facing a well-organized group who may have more resources at their disposal than your entire IT department. While you’re preparing to fight a skirmish, the barbarians are coming to your gates with an army. Most people are simply planning to fight the wrong type of battle, and that could prove to be a devastating mistake.