IT specialist advises - check routers!

IT specialists love them for their wide range of configuration options, customers especially for their price and low running costs. Routers of the well-known Latvian manufacturer Mikrotik with the RouterOS operating system based on Linux are very popular in general and also among our customers.

Unfortunately, bugs occur in almost every software (and hardware) and a good manufacturer usually fixes them regularly, which is another reason for the popularity of the mentioned platform. Some Mikrotik Routers have been in service for 10 years or more and still the manufacturer releases regular updates for them. On the other hand, the manufacturer does not force the user to install updates, and by default the routers are not even updated automatically, because it is assumed that someone on the owner's side will handle regular updates so that it does not compromise operations.

If you think that competing vendors have it better handled, try to remember the situation in 2015 when a botnet abusing the Ubiquiti manufacturer's equipment took down the wireless network of one of the providers in the Czech Republic and caused a very challenging crisis situation.

Last year, a critical security flaw was found in RouterOS 6.38 and lower, allowing a potential attacker to remotely take full control of the router. All that is needed is - a web interface accessible from the Internet or management using Winbox. Attackers primarily exploit this flaw for coordinated overlay attacks on websites, but under certain circumstances it is possible to attack any website, including, for example, internet banking.

Because our clients' security is our top priority, we update their network infrastructure automatically. And if you are not our client, have your router checked. Our survey of 100 random routers available from the Internet shows that more than 50% of them are vulnerable.

Jan Mitoraj, Head of Outsourcing at Railsformers s.r.o.