Cisco routers open to major security flaw
Sead Fadilpasic | May 14, 2019
Cisco routers, including ones that can be found in malls, large companies or government institutions, are flawed in a way that allows hackers to steal all of the data flowing through them. The news was unveiled yesterday by Red Baron, a cybersecurity company whose researchers claim the Cisco 1001-X comes with two major flaws. One is a software flaw inside the router’s operating system, the Cisco IOS, which would allow hackers root access. As dangerous as that may sound, apparently it’s easy to fix with a software patch. The second flaw, however, is much more dangerous as it allows potential malicious actors to bypass the router’s security feature, Trust Anchor. This feature has been standard in Cisco’s routers since 2013, according to Wired. Bypassing Trust Anchor “means we can make arbitrary changes to a Cisco router, and the Trust Anchor will still report that the device is trustworthy. Which is scary and bad, because this is in every important Cisco product. Everything,” Ang Cui, the founder and CEO of Red Balloon, explained.