An ISP in Brazil has deployed routers without a Telnet password leaving all the devices open to the public. The devices have been discovered by Ankit Anubav, Principal Researcher at NewSky Security, a CyberSecurity Company which is currently specialized in security relating to Internet of Things. The devices that are exposed are Datacom routers (DM991CR, DM706CR and DM991CS).
Some routers even allowed anyone to alter the configuration. “This is not an issue with device architecture, but a poor configuration of the devices as their telnet is exposed to the outside world without any challenge,” said Anubhav. The researchers also pointed that routers come with master passwordless Telnet service by default. The ISP Oi was contacted to report the vulnerabilities but the chat was automated with AI chatbots. The NewSky Security has notified the CERT Brazil about the exposed routers.
Taking over these routers is trivial, even for an amateur. “IoT attacks can be simplified to three levels: Level 0 (attacking device with no authentication), Level 1 (guessing a weak/default password), and Level 2 (using an IoT exploit to gain access),” Anubhav explains.
On the whole IoT device exploits are becoming more complicated with NewSky Security seeing an increase in the complex attacks day after day.
“Setting up a strong password and keeping your IoT device updated limits the attackers to having to use either a zero-day or a lengthy bruting session, both of which are not very lucrative options for most attackers, hence making your device safer,” the expert added.
Take your time to comment on this article
