Industry Updates

“Misfortune Cookie” Security Flaw Leaves Millions Vulnerable

In the wake of the now-infamous Sony hack, many new security vulnerabilities are being found across a wide range of devices. Check Point Software Technologies recently revealed a flaw found in millions of routers in use across the Internet that allow hackers to take control of the devices. The vulnerability, beingmisfortune_cookie called “Misfortune Cookie,” has been found on at least 12 million devices currently connected to the Internet.

What is the “Misfortune Cookie” Flaw?
The vulnerability can be found in the embedded web server software, RomPager from AllegroSoft. A hacker can attack the web server and exploit this bug allowing it to take control of the router. They can then use this control to steal data from both wired and wireless devices that are connected to the router.

Why is it so Prevalent?
A patch for this security flaw has been available since 2005, but about 98% of the routers using RomPager are still running without the patch that plugs this hole. The fact is many people never bother to update the firmware on their routers, and many users simply do not have the technical knowledge necessary to do it. Even if router manufacturers made sure that this flaw has been patched on their end, it is still often up to the users. Many experts believe that this flaw will continue to be seen for years to come because of this simple fact.

Not Just for Routers
Infected routers are not a new method of attack for hackers. Earlier this year, hackers used routers, home theater systems and even a smart refrigerator to send out hundreds of thousands of spam email messages across the Internet.

What Can You Do?
When you consider security, you must think in broader terms than just your computer. You need to consider your entire network. This is especially true if the router is used by a small business. In addition to always running good antivirus software, you have to take the time to patch your router with the latest software from the manufacturer. This is the best defense against these types of security flaws. The router manufacturers should have detailed instructions available on how to patch your router. Many are prepared to offer assistance to your business if needed.

Lack of Awareness
Business owners and CEO’s alike are largely unaware of the threats against their companies’ networks each and every day. This lack of awareness can lead to dangerous results as business owners fail to allocate the proper resources to secure their networks. These resources must be used on security measures to ensure that both internal company data and the personal data of customers remains safe from the prying eyes of hackers looking to steal this information and use it for their own nefarious purposes.

Many business owners are unaware that their systems are under attack on a regular basis. Hackers are constantly seeking new victims and will never stop. To ensure your business remains secure from the threats of hackers, you have to remain vigilant and make security a top priority for your business. If you don’t, your business could become the next victim of the hackers and you could find your valuable data could be stolen right out from under you.