The Hidden Dangers of Consumer-Grade Routers in Business Networks

The nature of business these days is one where an Internet connection is needed for just about everything - its importance cannot be overstated. Unfortunately, many small and medium-sized enterprises (SMEs) unknowingly compromise their cybersecurity by relying on consumer-grade routers, often supplied by Internet Service Providers (ISPs). This article delves into the security risks associated with using these devices in business environments and provides guidance on selecting appropriate network equipment.

The Allure and Pitfalls of Consumer-Grade Routers

Consumer-grade routers are designed for home use, prioritising ease of setup, all-in-one integration and cost-effectiveness over security features and scalability. While these attributes make them attractive for home use, they fall short in meeting the (typically) more complex demands of business networks.

Some common limitations and associated risks are as follows:

  • Limited Security Features - Consumer routers typically lack the robust security measures necessary to protect sensitive business data. Limited to basic firewalls and rudimentary (if any!) intrusion detection systems, they leave networks vulnerable to sophisticated cyber-attacks and provide little to no capability for tracing the source of any incidents that occur.
  • Inadequate Performance for Business Needs - These routers are built to handle the traffic of a typical household, not the concurrent connections and data-intensive operations of a business environment. This shows up as unexplained network congestion, slower speeds, and productivity impacts. Such issues are often difficult to investigate because the only fix available is usually to restart the device, which wipes any information that could assist with tracing the issue!
  • Lack of Advanced Management Capabilities - Business networks often require features like Virtual Private Networks (VPNs), Virtual Local Area Networks (VLANs), Quality of Service (QoS) controls, Unified Threat Management (UTM) and malware scanning. Consumer-grade routers rarely offer these capabilities, limiting a key component of network flexibility and security.
  • Persistent Threats and Difficult Remediation - Once infected, consumer routers can be challenging to disinfect. Many ISP-supplied routers have custom firmware that prevents users from easily updating or re-flashing the device. This limitation can leave businesses vulnerable long after a threat has been identified.

The Botnet Threat: When Routers Become Weapons

Botnet-7777 - Microsoft Azure Password Spray Attacks: A Case Study

In October 2023, a researcher identified a malicious network, comprised almost entirely of geographically diverse TP-Link Internet routers, engaged in a password spray attack targeting the Microsoft Azure cloud and associated applications (such as Outlook, SharePoint and MS Teams).

The botnet comprised over 16,000 devices which had been compromised using a known series of vulnerabilities that the device owners were neither aware of, nor able to remedy.

It is unclear how many Microsoft accounts have been compromised by this distributed attack; however, Microsoft have advised that as of October 2024 it is STILL in operation!

The ISP Router Conundrum

ISP-provided routers, generally "bundled" and provided as a sign-up bonus, present additional challenges for businesses:

Locked Firmware - Many ISPs install proprietary firmware on their routers, restricting users' ability to update or modify settings. This can prevent businesses from implementing necessary security measures or addressing known vulnerabilities.

Delayed or Absent Updates - ISPs may be slow to release firmware updates for their routers, leaving known security flaws unpatched for extended periods. In some cases, older models may never receive critical security updates.

Remote Access Concerns - Some ISP routers have built-in remote access capabilities that, while convenient for troubleshooting, can also serve as potential entry points for attackers if not properly secured (and this may be a question that the ISP is not too happy to answer)!

Assessing Router Suitability for Business Use

When evaluating a router for business deployment, consider these top three criteria:

  1. Security Features: Look for devices with robust firewalls, intrusion prevention systems, support for advanced encryption protocols, persistent logging and automated updates for malware protection.
  2. Performance and Scalability: Ensure the router can handle your current and projected network traffic, with room for growth. Keep in mind that features such as malware scanning and intrusion detection and prevention systems DO require additional processing, and manufacturer performance specifications will often be provided for a device in its "default" state.
  3. Management and Configurability: Opt for routers that offer granular control over network settings, support for VLANs, integration with centralised management systems and the ability to accept automated firmware updates.


What is the Difference Between a Firewall and a Router?

Most simply:

  • A router is designed to pass ALL traffic between ALL ports
  • A firewall is designed to only pass traffic that meets specific rules
  • A router can't do a firewall's job, but a firewall can do a router's job.
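
The three points above as a small stateless model, added here as an illustration (it is not code from any router or firewall vendor): the router forwards everything, the firewall applies first-match rules with an implicit deny and records which rule decided each packet, and a firewall holding a single allow-all rule behaves like the router. The rule format, function names, addresses and sample packets are all constructed for this example.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str   # "tcp" or "udp"
    dport: int

@dataclass(frozen=True)
class Rule:
    action: str  # "allow" or "deny"
    src: str     # CIDR
    dst: str     # CIDR
    proto: str   # "tcp", "udp" or "any"
    dport: int   # 0 means any port

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", p.proto)
                and self.dport in (0, p.dport))

def router_decide(packet: Packet) -> str:
    # Simplified model from the list above: a router forwards everything.
    return "allow"

def firewall_decide(rules, packet, log):
    # First matching rule wins; rule index 0 in the log means "no rule matched".
    for index, rule in enumerate(rules, start=1):
        if rule.matches(packet):
            log.append((index, rule.action, packet))
            return rule.action
    log.append((0, "deny", packet))  # implicit default deny
    return "deny"

ANY, LAN = "0.0.0.0/0", "192.168.10.0/24"  # constructed addressing
POLICY = [
    Rule("allow", LAN, ANY, "tcp", 443),  # outbound HTTPS
    Rule("allow", LAN, ANY, "udp", 53),   # outbound DNS
    Rule("deny", ANY, LAN, "any", 0),     # unsolicited inbound
]
ALLOW_ALL = [Rule("allow", ANY, ANY, "any", 0)]  # firewall doing a router's job
SAMPLE = [  # constructed packets (documentation address ranges)
    Packet("192.168.10.20", "203.0.113.10", "tcp", 443),
    Packet("198.51.100.7", "192.168.10.5", "tcp", 23),
    Packet("192.168.10.20", "203.0.113.10", "tcp", 25),
]
```

The log list is what makes an incident traceable afterwards: each entry names the rule that allowed or denied the packet, which the forward-everything path never records.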

 

The Benefits of Business-Grade Firewalls

Investing in a business-class firewall, such as those offered by Fortinet, provides significant advantages to business network environments:

  • Enhanced Security - Business firewalls offer advanced threat protection, including next-generation firewall capabilities, sandboxing, and real-time threat intelligence updates. These features enable real-time interception and rejection of network traffic BEFORE it reaches the systems protected by the device, significantly improving their security.
  • Improved Performance - These devices are designed to handle high-volume traffic and complex networking tasks without compromising speed or reliability. The hardware within a firewall appliance is customised for the intended purpose and often has specific chips for specific jobs - i.e. filtering traffic is handled separately from encryption.
  • Comprehensive Management - Enterprise firewalls provide detailed logging, reporting, and centralised management interfaces, allowing for better network visibility, control and simplified event troubleshooting.
  • Compliance Support - Many business-grade firewalls include features to help businesses meet industry-specific compliance requirements, such as HIPAA and PCI DSS, and significantly simplify review processes.

The Key Takeaway - Prioritise Your Network Security!

While consumer-grade routers may seem like a cost-effective solution, the potential risks far outweigh the initial savings for businesses. By investing in appropriate network security equipment, companies can protect their data, maintain productivity, and build a foundation for future growth.

As cyber threats continue to evolve, it's crucial for businesses to regularly assess their network infrastructure and ensure they have the right tools in place to defend against potential attacks. Remember, your network is only as strong as its weakest link – don't let that link be a consumer-grade router.