BT Statement on Home Hub Wireless Security

BT Statement on Home Hub Wireless SecurityFollowing our story on the vulnerabilities of the BT Home Hub, the most widely used DSL wireless router in the UK, BT sent us this statement last week after we requested it.

We are aware of this problem, although we don’t believe that any customers have been affected.

It’s important to realise that although it has been possible to demonstrate a scenario where the hub may be vulnerable, we don’t believe it is something that should affect the majority of BT customers in real life.

Customers with enquiries on how to further protect their network will be directed to www.bt.com/help/hub, which gives detail of a number of precautionary actions that can be taken to help increase their on-line security. These include:

  • Changing the default wireless key and the encryption type from WEP to WPA.
  • Changing the admin login password of the Hub Manager.
  • Leaving the Hub switched-on at all times, including overnight to benefit from firmware updates as they become available.
  • Having AV and firewall software installed on all computers.
  • Being wary of unknown web sites and e-mails from unknown sources, including invalid security certificates.

Setting aside this particular issue, customers should always be vigilant about the security of their computer equipment and should always install a firewall and anti-virus software and make sure that they do simple things like changing default passwords and be wary of visiting unknown web sites and e-mails from unknown sources.

BT and other internet service providers are constantly vigilant about security. The fact of the matter is that new threats are emerging all the time across our industry and we have to keep updating and continually improving our security in order to protect customers.

NB: It is important to note that it is not only BT that has been affected by this, it is an issue for many operators that use Thomson routers.

3 thoughts on “BT Statement on Home Hub Wireless Security”

  1. How do we change the default wireless key and the encryption type from WEP to WPA on the BT Wireless Router as in your article?
    Sorry if you have printed this somewhere but I have only just found you through this prob.

  2. Despite following the BT security tip using WPA-PSK and changing the default key I still see sometimes an unknown device PW-PIOTR-PC appearing under advanced->config->application sharing in the pull down menu ‘device’. I have on no such device on my LAN, this device is not visible in bthub home-network menu either. Is the hub hacked or bridged?
    Who sees devices which are not part of their LAN despite having maximum protection on? I had WDA on by mistake but nothing linked, could that be a backdoor?

Comments are closed.