Older broadband routers are vulnerable to hackers, report warns

6 May 2021, 07:04

Technology Ethernet Cable Stock
Technology Ethernet Cable Stock. Picture: PA

New research from Which? suggests a number of older devices could house security flaws which make them vulnerable to hackers.

Millions of households across the UK could be vulnerable to hackers because of old broadband routers which have security flaws, consumer group Which? has said.

The organisation said its testing of a number of old router models used by internet service providers found two-thirds contained a security flaw that could allow hackers access to the network.

The Which? research suggested a number of the devices had weak default passwords that were easily guessable and could therefore enable a hacker to gain access, while others did not receive regular security updates designed to protect them from new viruses or had other local network vulnerabilities.

Hacking a router can give attackers the ability to spy on people as they browse online and even direct them to malicious websites.

Which? said routers from EE, Sky, TalkTalk, Virgin Media and Vodafone were among those affected.

As part of its investigation, Which? said it tested 13 older router models for flaws and found that nine of them would fail to meet requirements proposed as part of Government plans to improve legislation around connected devices.

The consumer group said as many 7.5 million people could potentially be affected by the apparent flaws, based on a survey of people by Which? who were found to be using the affected models.

Kate Bevan, Which? computing editor, said: “Given our increased reliance on our internet connections during the pandemic, it is worrying that so many people are still using out-of-date routers that could be exploited by criminals.

“Internet service providers should be much clearer about how many customers are using outdated routers and encourage people to upgrade devices that pose security risks.

“Proposed new government laws to tackle devices with poor security can’t come soon enough – and must be backed by strong enforcement.”

In response to the research, Virgin Media said it did not “recognise or accept the findings” of the Which? research and that 90% of its customers were using its latest router models.

“The safety and security of our customers is always a top priority and we have robust processes in place to protect them by rolling out security patches and firmware updates as well as issuing customer communications where necessary,” a Virgin Media spokesperson said.

The BT Group, which also owns EE, said it wanted to “reassure customers that all our routers are constantly monitored for possible security threats and updated when needed”.

“These updates happen automatically so customers have nothing to worry about. If a customer has any issues, they should contact us directly and we will be happy to help,” the company said.

In response to Which?’s warning that older routers had weak default passwords, TalkTalk said a “very small proportion” of the affected devices were being used by customers and users can “change their passwords easily at any time”.

Vodafone said it had stopped supplying one of the devices named in the research in August 2019 and the other “will continue to receive firmware and security updates as long as the device remains on an active customer subscription”.

By Press Association

More Technology News

See more More Technology News

AI warning

Essays written with ChatGPT feature repetition of words and ideas – study

A broadband router

Big four broadband firms beaten by smaller rivals in latest Which? survey

A person pressing on the Tik Tok logo on the screen of a smartphone

TikTok to launch online election centres to counter misinformation

A person using a laptop

Up to eight million UK jobs at risk from AI, report says

Smartphone showing apps

One in six adolescents have experienced cyberbullying, global study finds

An Uber Eats driver

Uber Eats driver wins payout over discriminatory facial recognition checks

Rishi Sunak visits Cumbria

Sunak says UK ‘more robust’ on China than most allies

Chinese President state visit – Preparations

Minister calls China ‘security threat’ after UK and US blame Beijing for hacking

China

UK and US accuse China of ‘malicious’ global cyber attacks

A hand on a laptop

Tougher action needed to combat copycat banking websites, says Which?

Dowden

Dowden guarantees UK elections will be safe from Chinese cyber attacks

A woman’s hand pressing a key of a laptop keyboard

Cyber security agency says China behind ‘malicious’ cyber attacks on UK

A young girl uses the TikTok app on a smartphone

TikTok Youth Council holds first meetings on better online safety for teenagers

Margrethe Vestager

EU opens competition investigations into Apple, Google and Meta

Social Media Stock

Some parents coming to regard online harassment of girls as ‘normal’ – report

historisches Werbeplakat fuer den Spielfilm “Terminator Jugdement Day” mit Arnold Schwarzenegger, Berlin.

Hollywood has ‘helped to fan flames of fear about AI’, peers hear