Following our story on the vulnerabilities of the BT Home Hub, the most widely used DSL wireless router in the UK, BT sent us this statement last week after we requested it.
We are aware of this problem, although we don’t believe that any customers have been affected.
It’s important to realise that although it has been possible to demonstrate a scenario where the hub may be vulnerable, we don’t believe it is something that should affect the majority of BT customers in real life.
Customers with enquiries on how to further protect their network will be directed to www.bt.com/help/hub, which gives detail of a number of precautionary actions that can be taken to help increase their on-line security. These include:
- Changing the default wireless key and the encryption type from WEP to WPA.
- Changing the admin login password of the Hub Manager.
- Leaving the Hub switched-on at all times, including overnight to benefit from firmware updates as they become available.
- Having AV and firewall software installed on all computers.
- Being wary of unknown web sites and e-mails from unknown sources, including invalid security certificates.
Setting aside this particular issue, customers should always be vigilant about the security of their computer equipment and should always install a firewall and anti-virus software and make sure that they do simple things like changing default passwords and be wary of visiting unknown web sites and e-mails from unknown sources.
BT and other internet service providers are constantly vigilant about security. The fact of the matter is that new threats are emerging all the time across our industry and we have to keep updating and continually improving our security in order to protect customers.
NB: It is important to note that it is not only BT that has been affected by this, it is an issue for many operators that use Thomson routers.