01.Hacked routers make hidden attacks
Australian internet users could be at risk of having their routers used by cyber criminals to launch attacks.
About 120,000 routers in Australia are vulnerable to being hacked and used to make large volumes of requests to target websites. Internet users can’t tell that their router has been compromised and may only become aware because their internet runs slowly or they use up their monthly data quota.
The vulnerability was found by IT security firm Nominum that posted a warning to internet service providers (ISPs) to check and issue a security patch for vulnerable routers. It could affect up to 24 million routers around the world.
It’s been reported that local ISPs iiNet and Telstra have seen some of these attacks on their networks and local security experts have been quoted as saying that the affected routers came from ISPs themselves but may not have been set up correctly.
Technically, a hacked router sends a query to the ISP’s domain name system (DNS) server that gives it the address, but this is amplified to create a large request that can bring down the target website. It’s known as a distributed denial of service (DDoS) attack on the target website because it can’t handle the large queries.
Graphic source: Nominum