Firewalls, Routers, and Bad Things Lurking on the Internet

When being connected to the Internet was new, about 15 years or so ago, businesses worried about “hackers” getting into their data. Price lists were secret. It was a different way to do business. Customers generally called businesses they “trusted,” and only businesses with purchasing departments usually shopped more than one or two sources.

In the first place, such information just wasn’t readily available. It was intentionally hard to find out what the competition was charging for a product. And it wasn’t too unusual for a customer to call business X in the morning to talk to John and get one price, but call X back in the afternoon to talk to Jane and get another price.

Now everything connects. If you’re buying a used book on Amazon, you can compare prices right there on the screen, even including shipping.

It seems to me that many businesses have forgotten about the bad things lurking on the Internet. The Ashley Madison data breach has certainly gotten the attention of the pay-for-affairs crowd, and reminded all of us that there are security concerns when your work network attaches to a network of millions of people who want to see what you have.

One of the most popular router brands in the world, Cisco, has discovered its operating system replaced by malware. This potentially gives the hacker control over all the data that passes through the router. It makes it easy to redirect you to spoofed sites.

The router is the piece of equipment that connects you to the “address” of the places on the Internet you want to visit. Let’s take a simple example of what might happen in this case. The Internet address of eTrade is 12.153.224.22. Of course, you just type etrade.com, and the browser goes out and looks this up for you. If you want to prove to yourself that this number is the same as eTrade, just click it.

You don’t see this number under normal circumstances. So let’s suppose that I clone the eTrade site (copy it exactly) and post the copy as a phishing site. My goal is to get you to enter your personal login information, then to get access to your account and transfer your funds. So I hack your router (or your ISP’s router), and insert the address of my site (say 1.1.1.1) when you ask for the eTrade address. My site comes up. You don’t know the difference.

All the advice not to click phishing links in emails doesn’t do you any good, because you can type etrade.com in your browser all you want, and you’ll still wind up on my site.
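One way to notice the substitution described above is to compare what your resolver returns against addresses you have verified independently. The following is an added example, not part of the original article; the `EXPECTED` table, the /24 range built around the article's 12.153.224.22, and the function names are assumptions made for illustration.

```python
import ipaddress
import socket

# Assumption: networks you have verified out of band as belonging to the site.
# Constructed from the article's example address; not an authoritative list.
EXPECTED = {"etrade.com": ["12.153.224.0/24"]}

def system_resolve(hostname):
    """Ask the OS resolver, which normally uses the DNS server the router hands out."""
    infos = socket.getaddrinfo(hostname, 443, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def check_resolution(hostname, expected=EXPECTED, resolve=system_resolve):
    """Return (verdict, unexpected_addresses) for one hostname.

    verdict is "ok", "mismatch", "unknown-host" or "lookup-failed".
    """
    nets = expected.get(hostname.lower().rstrip("."))
    if not nets:
        return "unknown-host", []  # nothing to compare against
    networks = [ipaddress.ip_network(n) for n in nets]
    try:
        answers = [ipaddress.ip_address(a) for a in resolve(hostname)]
    except (OSError, ValueError):
        return "lookup-failed", []
    if not answers:
        return "lookup-failed", []
    # Any answer outside the verified networks is reported, even if others match.
    bad = [str(a) for a in answers if not any(a in n for n in networks)]
    return ("mismatch" if bad else "ok"), bad

if __name__ == "__main__":
    # Constructed resolver answers standing in for a clean and a tampered router.
    clean = lambda host: ["12.153.224.22"]
    tampered = lambda host: ["1.1.1.1"]
    print(check_resolution("etrade.com", resolve=clean))
    print(check_resolution("etrade.com", resolve=tampered))
```

Large sites change addresses and use several networks, so a "mismatch" here is a reason to look closer at the router and its DNS settings, not proof of compromise.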

Watch out for the bad guys out there!