Two years after major security defects were discovered in Asus routers, leaving the home networks of hundreds of thousands of consumers vulnerable to hackers, Taiwan-based computer maker AsusTeK Computer Inc. has settled Federal Trade Commission charges that it failed to protect consumers as required by federal law.
According to the FTC settlement, Asus has agreed to have its routers and firmware undergo independent security audits once every two years for the next two decades.
“The Internet of Things is growing by leaps and bounds, with millions of consumers connecting smart devices to their home networks,” Jessica Rich, director of the FTC’s Bureau of Consumer Protection, said in a statement. “Routers play a key role in securing those home networks, so it’s critical that companies like Asus put reasonable security in place to protect consumers and their personal information.”
The FTC said despite Asus’ claims that its routers could “protect computers from any unauthorized access, hacking, and virus attacks” and “protect [the] local network against attacks from hackers,” the Asus routers had security vulnerabilities that enabled hackers to log in to them remotely and, depending on user configurations, to access user files – including sensitive materials such as tax documents – and change security settings.
If you do have an Asus router at home, the FTC recommends that you should take the following steps ASAP:
- Update your security. According to the FTC, your ASUS router may indicate that its software is current, even though it’s not, which could leave your home network at risk. Check your router’s software update tool and the Asus support site for the latest security updates.
- Double-check your network storage access. If your router has an AiCloud or AiDisk feature, make sure its access is limited to what you want. The AiDisk’s default set-up option gave anyone on the Internet access to your storage. Yikes. The FTC recommends that you change the setting to “limited” or “admin right” – instead of “limitless” – if you want to retain your privacy.
- Change your password. The FTC says Asus routers were pre-set with weak default passwords. Make sure you set new strong – and hard to guess – passwords for both your router and “cloud” service.
For more tips on securing your wireless network, click here.
What router brand do you use? Are you happy with its security features? Share your comments below or on our Facebook page.