Home » News » Change password warning: Sky, BT routers now at risk from hackers

Change password warning: Sky, BT routers now at risk from hackers

Change password warning: Sky, BT routers now at risk from hackers

Monday, 24 July, 2017

Customers of the UK’s major ISPs have been warned they may be vulnerable to attack as a result of flaws in household routers.

Although it was originally believed only Virgin Media customers were affected, security experts are now saying other companies’ devices may also be at risk.

White-hat hackers – who probe the vulnerabilities in technology so companies can make their security better – found that Virgin Media’s Netgear Super Hub 2 and Super Hub 2AC were at risk from takeover hacks by criminals.

But now the same security flaws have been discovered in older routers.

Devices provided by Sky, BT and TalkTalk have now been flagged as potentially at risk.

Customers are being advised to change their passwords to maintain their online safety.

The flaws, which are well-known in tech circles, allow hackers access to a user’s Wi-Fi authentication ‘handshake’ and use it to reveal the password. Once they’ve broken in, the attacker can see all connected devices on a home network, and exploit any vulnerabilities to remotely take control of them.

Most routers come with a default password straight out of the box. However, not all passwords are equally secure, and many use a formula that can be easily identified and exploited by hackers.

This was the issue with Super Hub 2, which used a lower case password consisting of only eight characters.

Virgin has already advised its customers to update their passwords, following an investigation from consumer group Which?

The company has a dedicated page for customers looking for help or advice on changing their password.

A BT spokesperson said the company was unaffected by the issues facing the Super Hub 2.

Simple solutions to prevent vulnerabilities include using a mix of upper and lower case letters or symbols in a password. Another rule to follow is ‘the longer, the better’ as a greater number of characters increases the time it would take a hacker to break through.

According to security researchers, PTP, who tested a range of routers from leading ISPs, “even a simple increase from 10 to 12 characters would push the cracking time from five days up to many many years.”

Large scale cyber attacks are becoming increasingly common. Last weekend saw hackers attempting to access the emails of MPs in the UK Parliament. This comes after the NHS computer services were held to ransom as part of the ‘WannaCrypt’ attack.

The Mirai botnet attack on a server in December 2016 exploited vulnerabilities in Wi-Fi-enabled household devices, causing major disruption.

Aran Burton author picture


Aran is a technology journalist with an interest in consumer issues.

News What's the story?

Keep up with the latest developments in UK broadband.

The new homes with 1GB broadband connections

The new homes with 1GB broadband connectionsThe new homes with 1GB broadband connections Read more

What are ISPs and internet services doing to help during the Coronavirus crisis?

Total lockdown expected - can ISP’s and internet services offer any help?

Read more

BT confirm Gigabit broadband!

BT confirm the launch of their Gigabit home broadband package for Spring 2020!

Read more

Tips for home working during Coronavirus outbreaks

Read more

Help Learn with us

Make the most of the internet with our broadband library.

Why Connected Home over IP will change our lives

Why Connected Home over IP will change our livesWhy Connected Home over IP will change our lives Read more

Amazon Alexa or Google Assistant?

Read more

Protecting your content from plagiarism and reuse

Read more