Security expert calls home routers a clear and present danger In Black Hat Q&A, In-Q-Tel CISO says home routers are "critical infrastructure."
by Sean Gallagher Aug 6 2014 Ars Technica
LAS VEGAS-During his keynote and a press conference that followed here at the Black Hat information security conference, In-Q-Tel chief information security officer Dan Geer expressed concern about the growing threat of botnets powered by home and small office routers. The inexpensive Wi-Fi routers commonly used for home Internet access-which are rarely patched by their owners-are an easy target for hackers, Geer said, and could be used to construct a botnet that "could probably take down the Internet." Asked by Ars if he considered home routers to be the equivalent of critical infrastructure as a security priority, he answered in the affirmative.
...
I'm surprised that Mr. Geer didn't mention that most of the risk may be ameliorated simply by turning off Internet access to the router's control panel.
Bill Horne Moderator