Outdated routers leaving millions at risk of hacking

A Which? investigation has found that millions of internet users could be at risk of hacking attacks due to using outdated routers from their broadband providers that have security flaws.

With households across the country using their home broadband more than ever, to work, educate their children or keep in touch with loved ones, Which? has warned that many are unaware that old equipment provided by internet service providers could be putting them at risk of hackers spying on what they are browsing online or even directing them to malicious websites used by scammers.

The comparison company  investigated 13 old router models and found that nine of them had flaws that would likely see them fail to meet requirements proposed in upcoming government laws to tackle the security of connected devices. The legislation is not yet in force and so the ISPs aren’t currently breaking any laws or regulations.

These security risks could potentially affect around 7.5 million people, based on the number of respondents who said they were using these router models in Which?’s nationally representative survey. Approximately six million people within this group of users could be using a router that has not been updated since 2018 or earlier. This means the devices have not been receiving security updates which are crucial for defending them against cyber criminals.

Kate Bevan, Which? Computing editor, said: “Given our increased reliance on our internet connections during the pandemic, it is worrying that so many people are still using out-of-date routers that could be exploited by criminals.

“Internet service providers should be much clearer about how many customers are using outdated routers and encourage people to upgrade devices that pose security risks. Proposed new government laws to tackle devices with poor security can’t come soon enough – and must be backed by strong enforcement.”