Home » News » Change password warning: Sky, BT routers now at risk from hackers

Change password warning: Sky, BT routers now at risk from hackers

Change password warning: Sky, BT routers now at risk from hackers

Monday, 24 July, 2017

Customers of the UK’s major ISPs have been warned they may be vulnerable to attack as a result of flaws in household routers.

Although it was originally believed only Virgin Media customers were affected, security experts are now saying other companies’ devices may also be at risk.

White-hat hackers – who probe the vulnerabilities in technology so companies can make their security better – found that Virgin Media’s Netgear Super Hub 2 and Super Hub 2AC were at risk from takeover hacks by criminals.

But now the same security flaws have been discovered in older routers.

Devices provided by Sky, BT and TalkTalk have now been flagged as potentially at risk.

Customers are being advised to change their passwords to maintain their online safety.

The flaws, which are well-known in tech circles, allow hackers access to a user’s Wi-Fi authentication ‘handshake’ and use it to reveal the password. Once they’ve broken in, the attacker can see all connected devices on a home network, and exploit any vulnerabilities to remotely take control of them.

Most routers come with a default password straight out of the box. However, not all passwords are equally secure, and many use a formula that can be easily identified and exploited by hackers.

This was the issue with Super Hub 2, which used a lower case password consisting of only eight characters.

Virgin has already advised its customers to update their passwords, following an investigation from consumer group Which?

The company has a dedicated page for customers looking for help or advice on changing their password.

A BT spokesperson said the company was unaffected by the issues facing the Super Hub 2.

Simple solutions to prevent vulnerabilities include using a mix of upper and lower case letters or symbols in a password. Another rule to follow is ‘the longer, the better’ as a greater number of characters increases the time it would take a hacker to break through.

According to security researchers, PTP, who tested a range of routers from leading ISPs, “even a simple increase from 10 to 12 characters would push the cracking time from five days up to many many years.”

Large scale cyber attacks are becoming increasingly common. Last weekend saw hackers attempting to access the emails of MPs in the UK Parliament. This comes after the NHS computer services were held to ransom as part of the ‘WannaCrypt’ attack.

The Mirai botnet attack on a server in December 2016 exploited vulnerabilities in Wi-Fi-enabled household devices, causing major disruption.

Aran Burton author picture

By:

Aran is a technology journalist with an interest in consumer issues.

News What's the story?

Keep up with the latest developments in UK broadband.

The biggest malware threats of 2020…so far

It’s been a year few of us will forget in a hurry, and we're only halfway through.

The biggest malware threats of 2020…so farThe biggest malware threats of 2020…so far Read more

Instagram could become the main news source for young people.

Reuters finds changes in the way younger users consume the news.

Read more

BT launches second line service

BT launches second broadband home line service for the new crop of home workers.

Read more

Best broadband areas for online gaming in the UK.

Read more

Help Learn with us

Make the most of the internet with our broadband library.

How to check if your broadband is down

It might seem obvious that an outage has occurred, but there are easy ways to check if your broadband is down, or whether the problem is more localised

How to check if your broadband is downHow to check if your broadband is down Read more

A guide to Big Tech alternatives.

It seems like we’re reliant on a small group of companies, are there alternatives?

Read more

Quick tips for boosting home broadband speed

Boosting speed can transform activities like streaming, gaming and accessing cloud storage

Read more

What’s the difference between hardware, firmware and software?

Read more