lead forensics
mercia facilities management
Do You Need Help? Call Now!
0800 157 7133
call now small

Professional IT Services

IT Support

Web Site Hosting & Design

IT Outsourcing

IT Infrastructure & Cloud Services

Available Throughout Warwickshire & The West Midlands

Competitive Rates and Quality Service

Virgin Patches Wireless Security Flaw

Virgin Media have developed and distributed a security patch for their Super Hub home routers after a potentially serious security flaw was uncovered by cyber security consultancy ‘Context Information Security’.

What Security Flaw?

The flaw was found to be an encryption key in a feature that was designed to allow users to make encrypted back-ups of their custom configurations e.g. port forwarding and DNS settings. The problem was that all Virgin Super Hubs were found to have exactly the same private encryption key.

What’s The Big Deal?

The Super Hub Routers ‘Super Hub 2’ and ‘Super Hub 2 AC’ (made by Netgear) are the standard home routers that are used by one of the UK’s largest ISPs, and they are, therefore, used in millions of homes (and small businesses) across the UK. Having a common security flaw in all of them, which (it is believed) could be exploited by cyber criminals using a relatively low-tech approach and low cost method could represent a major security risk for millions of people.

What Could Happen?

In an un-patched router, and with access to the administrative interface, a cyber criminal could potentially be able to download the router’s config file (the file containing the parameters and settings for the device), add their own instructions to that file, and upload it to the router again. The type of instructions they could write-in could be allowing them remote access to the router. This could, therefore, mean that all traffic to and from a person / household’s / business’s devices (PC, phone and tablet) could be monitored, and personal data / details could be stolen e.g. payment details and passwords.

How Was The Flaw Discovered?

It is not uncommon for researchers from cyber security companies to test popular devices and programs for possible flaws, and then to report the flaws to the developers / distributors of the products. The discoveries made can often benefit the cyber security company in terms of good PR as well as benefitting the developers and the users of the products.

In this case, researchers from cyber security consultancy managed to gain administrative access to the Virgin routers by reverse engineering the software for them.

Reported & Patch Produced

After discovering the security flaw, Context shared its findings with Virgin Media who were then able to produce a patch for the routers.

What Does This Mean For Your Business?

If you already have a Virgin Super Hub router, it will have been patched automatically as part of scheduled firmware update at the end of May this year. If you are about to get / have just got a new Virgin Super Hub router, you will be pleased to know that the patch / update is included with it.

This story confirms that, even with popular IT / connectivity products / technologies, there are still security flaws that could put your valuable personal data at risk. This has long been a fear, for example, with many household IoT devices too, where the advice has been to make sure that the default password is changed. Devices with common keys / passwords make it much easier for criminals to launch large scale attacks.

The only thing we can really do is to make sure that our basic online / data security measures, practices and policies are kept up to scratch, are adhered to, and that we remain vigilant.

Complete the form below to receive your FREE weekly IT Newsletter!

Full Name *
Email *
Organisation
Phone
Your business challenge(s) *

  Testimonial  

"I will just like to commend Anton for the excellent work he has and is doing for Foam Techniques. Please pass on our thanks and appreciation to him."

Vinay Relan, Foam Techniques Ltd

 

Learn More

West Midlands & Warwickshire Wide Coverage

Microsoft Registered Partner

Small/Medium Business Specialists

Outstanding Customer Service

Dedicated Account Management

Mercia Facilities Management

Our emphasis on communication and partnership means we understand our clients and their unique needs. No matter how big and complex or small and focused our clients businesses are, we can provide the complete solution. Our specialist services give clients the option of using a single supplier for all their needs.

Contact Details

  • This email address is being protected from spambots. You need JavaScript enabled to view it.
  • 0800 157 7133 ( Toll Free )
  • 024 7664 5975
  • 024 7647 1095 ( Fax )

Directions

directions

 

Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.