Unsecure Routers Pose a Serious Risk to Small Businesses

Today, business cannot operate without an internet connection. Business leaders are more empowered than ever with the resources attainable with the internet, and by keeping security in mind, businesses can make the most of the internet while knowing their data is secure. For many small businesses their survival is dependent on the internet, making it that much more important to have security top of mind.

Small and Medium Businesses often find themselves between a rock and a hard place in terms of security. They understand the necessity of implementing security solutions but cannot afford the full advanced security measures large enterprises implement to protect their sensitive data which makes them easier targets and more attractive to hackers.

All too often, businesses use consumer grade, off-the-shelf routers to connect to the internet. While these affordable solutions appear to be a fit for a small business, their security capabilities are not sufficient enough to protect the data of a business, no matter how small. Many of these solutions claim to protect users, but they are, in fact, prone to vulnerabilities leaving sensitive data exposed and easily accessible to cybercriminals.


Consumer grade routers – a serious security risk

The easiest way an attacker can access a network is by exploiting a vulnerability, which is a software or hardware flaw that can be breached. Different vulnerabilities are constantly found in consumer grade routers. While manufactures do their best to ensure there aren’t vulnerabilities, hackers are constantly poking around security measures to find them.

Recently, researchers have found what was rightfully described as “serious flaws” in more than 800 different Netgear and D-Link devices. These devices were exposed to at least one out of 74 different known exploits. Some of these exploits even allow attackers to control the routers completely. In addition, numerous devices were exposed to unknown vulnerabilities. One can only imagine how many businesses were put at risk as a result of these flaws.

In 2014, several vulnerabilities were discovered in other devices manufactured by TP-Link and TrendNet, Check Point, too, discovered a major vulnerability in residential gateways dubbed Misfortune Cookie. Both vulnerabilities allowed attackers to take control of the routers and endanger users.

These vendors are not alone. Asus has recently settled a large lawsuit by the US Federal Trade Commission, after a critical default setting vulnerability was found in their routers. This vulnerability enabled attackers to remotely access and control any router manufactured by Asus around the globe. The vulnerability was in fact exploited by attackers in several cases.

The various vulnerabilities described above come to show how insufficient and dangerous consumer grade routers can be. This is an issue that should keep managers awake at night, knowing they could be endangering their businesses. Furthermore, these are merely a few examples out of many vulnerabilities are found in consumer grade routers. Considering these manufactures are the industry’s leaders and together account for over more than 80% of routers sold in Q1 2015, this is a very wide-spread problem.


So, what can small businesses do to protect themselves?

The obvious solution is to introduce robust security protections; however, as previously mentioned, many small businesses are unable to implement and maintain advanced security measures on the small business dime. SMB are all too often left unfairly armed against attacks that can easily cripple them, or worse, put them out of business.

However, there is an affordable and maintainable solution. Check Point offers a full security suite for SMBs, which integrates advanced enterprise-grade protections into a simple platform at an affordable cost. The new Check Point 700 series platform can serve as an Internet router, Wi-Fi access point and an advanced network security device all-in-one, providing SMBs with best of all worlds. This platform requires low management and minimal IT skills while providing the same breadth of protection as a large enterprise would receive.

Check Point’s security technologies are designed to prevent cyberattacks and detect zero-day threats while maintaining maximum Internet performance in a single platform. These technologies act as proactive prevention to not only detect, but to prevent cyber threats from even infiltrating the network. This means, cyberattacks are detected before any damage is done. This is crucial for SMBs, which often cannot handle the ramifications of a breach. Small businesses must prevent attacks in order to survive them. 

For more information we invite you to take a look on our products.