Around 800,000 Virgin Media customers have been strongly advised to change their passwords as a popular router is found to have weak security.
The router is the Super Hub 2, and if it was breached by hackers they would potentially have access to the smart appliances of customers.
This instance is yet more proof of the risks that Internet of Things (IoT) devices pose by being integrated within the networks and homes of unsuspecting people. Devices found to be vulnerable in this situation included CCTV cameras and children’s toys.
Virgin Media have responded that the age of some router technology is to blame for the weakness, making clear that the vulnerability is not exclusive to Virgin systems.
With so much legacy technology still ingrained within organisations that are entering new frontiers such as the IoT, the concern is raised as to how many major router hubs could possess age-based security frailties.
A Virgin Media spokeman said: “The security of our network and of our customers is of paramount importance to us.”
“We continually upgrade our systems and equipment to ensure that we meet all current industry standards.
“To the extent that technology allows this to be done, we regularly support our customers through advice and updates and offer them the chance to upgrade to a Hub 3.0 which contains additional security provisions.”
Ollie Hart, Head of Enterprise & Cyber Security, UKI, Fujitsu UK & Ireland said:
“Whilst cybercrime has risen up on everyone’s agenda, the latest from Virgin Media that one of its routers could be open to a potential attack is a prime example of how organisations still have a long way to go to ensuring a completely safe professional and personal environment. With data fast becoming the new currency, it’s ever clearer that the maturation of the digital industry has brought its own set of unique challenges and businesses are not quite there when it comes to addressing the cybercrime challenge.
“We need to start seeing more proactivity when it comes to tackling cybercrime before an attack happens. Fortunately in the case of Virgin Media, they were able to identify where a potential vulnerability was in their system before an attack could happen, but many organisations aren’t as quick on their feet. Once an attacker is in its too late, taking for granted the social contract that makes people feel they can trust the organisation they’re giving their data over to.
“And with the next major cyberattack a “when” not an “if”, organisations, governments and businesses need to be investing in the people, processes and technologies required to bolster their cyber defenses.”
The speed at which IoT devices have been brought into homes and organisations has meant that a vast number of devices themselves are lacking sufficient security to withstand attack. This could mean innumerable access points for hackers to gain entry to networks.
A study from earlier this year has also shown awareness to this major issue to be extremely low, with 48% of UK citizens unaware that connected devices in their homes could be infiltrated in the launching of a cyber attack.
The news from Virgin Media also brings passwords back into the spotlight, as they still appear to be the fragile layer of security protecting users as the last resort. A recent study showed that 93% of UK consumers would be ready to switch passwords for biometric security measures.