TalkTalk are back in the news after the recent cyber attack hit one of the Internet routers they use. Some TalkTalk customers’ Wi-Fi passwords have been stolen following the malware attack, which also blocked internet access for customers of other companies, including KCOM in Hull, East Yorkshire.
Login Details and SSIDs Stolen
The stolen details would let attackers pinpoint exactly where the equipment was being used, and further targeted hacks are now possible. This is because the attackers stole both the login data and the Service Set Identifier (SSID) codes – a unique identifier which can be used to reveal where a machine is located.
Mirai Worm Router Hack – Security Advice
A TalkTalk spokesperson said: “As is widely known, the Mirai worm is affecting many ISPs around the world and it has affected a small number of TalkTalk customers. We continue to take steps to review any potential impacts and have deployed a variety of solutions to ensure customers’ routers remain safe. We have also employed additional network-level controls to further protect our customers.”
TalkTalk are issuing the advice that there is “no need” to change router settings. In our opinion (and in the opinion of many leading security experts) this response from TalkTalk is far from adequate, to the extent that it is dangerous, leaving customers wide open to further attack.
TalkTalk have also stated that in their opinion there is “no risk to personal information”, which, if we give them the benefit of the doubt, is a naïve statement and, if we don’t, is utterly false and misleading. Given an SSID (the wireless network identifier), we can use tools to geographically locate many of those networks; combined with the key, that would allow anyone to connect to the network and harvest whatever information happened to be there.
TalkTalk Internet Router Replacement
We would advise all TalkTalk (ADSL and fibre) customers to replace or otherwise secure their router. If you are a residential ADSL user we recommend the ASUS DSL-AC68U AC1900, while residential fibre users should look at something like the ASUS RT-N66U or the Netgear R6400-100UKS AC1750.
These router recommendations are suitable for residential customers of TalkTalk, Post Office internet and all other affected ISPs.
Business internet users of TalkTalk should contact us for a recommendation. We usually supply routers from the Draytek range, as these are business-class routers which will suit most needs.
KCOM Internet Router Replacement
Although there is no evidence of any KCOM router passwords being stolen, we would recommend that all users change theirs as a precaution. You should always change the administrator and Wi-Fi passwords from the defaults provided with the router, or it will not be secure. We also recommend upgrading to a more secure router or modem/router. If you are a residential ADSL user we recommend the ASUS DSL-AC68U AC1900, while residential fibre users should look at something like the ASUS RT-N66U or the Netgear R6400-100UKS AC1750.
For business users of KCOM we again advise running enterprise-standard Draytek routers. Digitalquill supply and configure Draytek routers, whose enhanced firewalls allow connections and networks to be secured to the standards required for PCI DSS and credit card processing.