Consumer internet routers from the popular brand Zyxel are amongst those that have been compromised in a botnet attack this week. Many Kingston Communications customers have been struggling to connect to the internet as a result. The attack is linked to the Distributed Denial of Service (DDOS) attacks that took down major websites recently, as once again the ‘Internet of Things’ has been used as the host for a malicious cyber attack.
KCOM’s broadband internet service, formerly known as Karoo, has been hit hard, with thousands of customers reporting disconnections. The affected router model is the ZyXel AMG1302-T10B and many customers are now seeking to upgrade to a more secure model.
KCOM Zyxel Routers Hacked
We first became aware of a problem with the Zyxel routers in 2014, when a corporate client asked us to look at the router that KC had supplied him. We identified significant vulnerabilities in the router at that time and in a meeting with KCOM’s technical director, informed them of this. No action was taken by KCOM to mitigate this vulnerability. Since then, we have advised our business customers since then to use a proper business router with better security. These routers should never have been provided to business customers as they are a domestic product with very few security features and what’s more, they have open ports and superadmin account credentials that can not be changed.
We advise running enterprise standard Draytek routers. Digitalquill supply, and configure Draytek routers which also provide for added security because of their enhanced firewalls allowing connections and networks to be secured to a sufficient standard for PCI DSS and credit card processing.
Upgrade Zyxel Router
If you are a business and have been supplied a Zyxel Router by KCOM or other service provider, call us to arrange to have it replaced with a enterprise standard router which is secure, with advanced firewall protection and is PCI DSS compliant.