Tumblr 101: Tips And Tricks To Get Started
Sebastian Thrun: Google's Driverless Car
Lazy Passwords Leave 21K Routers, Cams, Phones Open to Attack
In the "yet another thing to be paranoid about" category comes a report that nearly 21,000 routers, webcams and VoIP products are wide open to remote attack, simply because their owners have committed the ultimate sin: failing to change the manufacturer's default password for the devices.
The study was performed by Ang Cui, a grad student at Columbia University's Intrusion Detection Systems Laboratory, which has sponsored the likes of DARPA and the Department of Homeland Security. Researchers have now scanned over 130 million IP addresses, and discovered nearly 300,000 devices to be remotely accessible. And the 21,000 devices with default passwords are, of course, the most vulnerable -- "runts of the litter", if you will.
Linksys routers took the lead in head-slappingly lazy users in the United States, laying claim to 45-percent of the 2,729 U.S. routers that were publicly accessible via a default password.
The consequences for not changing these passwords can be extreme. Through unprotected routers, hackers could easily steal credit card information, or launch system-crippling attacks. Meanwhile, hacking into a VoIP system would allow easily recorded online conversations.
Bottom line: change your router password! Now! [From: Wired]
16 Grammys Looks That Weren't Working
Whitney Houston Autopsy: Cause of Death Determined?
Worst Movie Mistakes: Date Night Edition (PHOTOS)
Whitney Houston, Bobbi Kristina: Late Singer's Daughter Hospitalized
Adele Five-Year Break? Singer Plans to Focus on Relationship, Write 'Happy Record'
PHOTOS: President Obama's Kissing Technique
Jennifer Hudson Whitney Tribute: Grammy President Reveals Why Singer Was Chosen for Musical Memorial
Grammy 2012 Winners' List: Adele Sweeps Music's Biggest Night
How Hattie Lost 300 Pounds: 'I Was Ready To Do Whatever It Took To Survive'
3 Economic Misconceptions That Need to Die
5-Hour Energy: A Success Equal Parts Caffeine, Chemistry and Meditation
Matt Bomer Comes Out As Gay
People With Easy-To-Pronounce Names More Likely To Succeed, Study Says
Katy Perry Grammy Performance 2012: Did the Diva Diss Her Ex-Hubby With Revealing New Song?
Photos Of Dead Lacrosse Player's Injured Body Shown To Jury
Whitney Houston Dead: Stars React to Legend's Sudden Death
Grammy Awards 2012: The Best & Worst Of The Red Carpet!
12 Grammys Stars Who Gave Good Style
The Top 10 Slacker Colleges
15 Funny Valentine's Day Cards
Mystery Disease Kills Thousands
Remembering The People's Ballerina
WATCH: 25 Million Tons Of Japan Tsunami Debris Headed Directly Our Way
Oprah Under Fire For Controversial Tweet
PHOTOS: Thank God For Grown-Up Glamour
JUNGLE SURVIVAL: Marines Drink Snake Blood, Eat Insects
PHOTOS: Model Falls At Dennis Basso Show
New Clues, Details Emerge In Powell Case
LOOK: Amazing Underwater Photos Of Dogs
PHOTOS: Kate Spends Valentine's Day Solo!
PHOTOS: Beautiful Scars
15 Funny Valentine's Day Quotes
Comments
5
Subscribe to commentsLe Big MacOct 28th 2009 5:39PM
Only 21,000?
How many routers are there in use currently in homes? Surely 10s of millions. And only 21k are unsecured? Please--the number has to be in the millions.
grolltechOct 29th 2009 6:45AM
By default, Linksys & other routers are NOT *remotely* accessible without the user *explicitly* turning on this capability... meaning that 21,000 users actually made the effort to expose their admin interfaces to the public, yet failed to change the password. That's not "head-slappingly lazy", that's just "dope-slappingly dumb"!
Also, the original Wired article has a few more stats: "The 21,000 devices [...] are the most vulnerable, but the rest are theoretically vulnerable to brute-force password-cracking attacks. Extrapolating from the numbers they’ve gathered, the researchers estimate that 6 million vulnerable devices are likely connected to the internet. The group has so far focused on residential routers and devices but is now looking at scanning more sensitive networks to search for vulnerable devices inside large corporations and government networks."
John JohnsonOct 28th 2009 7:53PM
And how would they know this if they didn't ping the actual modems?
John DonsonOct 28th 2009 7:54PM
And how would they know they were unsecure if they didn't actually ping the modems?
jomazApr 2nd 2010 5:07AM
steel baton Cisco Systems released multiple security advisories regarding serious vulnerabilities in its IP Phones