Virus protection is just an assumption anymore in the information technology sector. Every PC and server should have it, it needs to be regularly updated, and any IT department that ignores it is essentially playing “when, not if” roulette with their enterprise’s critical infrastructure.
What is less well understood is that PCs and servers are no longer not the only targets within your business, but they may not even be the most popular target for those attempting to gain access to your data and critical intellectual property. After all, why settle for a single target like a workstation when you can gain control over an entire network by damaging or taking over a router?
A common misconception is that routers can’t be damaged by viruses. Nothing could be further from the truth. At the end of the day, routers are programmable computers, operated by specialized software. Like any software, these instructions can be updated, modified, and changed—which means they are vulnerable to attack. Companies not using sensible security protocols and staying on top of updates to address security vulnerabilities can have their routers accessed by bad actors, and taken over. Once access is gained to the router, any number of virus attacks can be implemented.
“Spoofing” is one of the most common router attacks. Once a router is compromised, a virus can take control of the router’s domain name settings (DNS). These settings can then be used to send any incoming traffic (your customers, for example) to an entirely different router—usually, one attached to a fake website that looks like yours. Transactions can then take place on that website, resulting in your customers being charged for non-existent services or products, while your company appears to be at fault. Once the deception is discovered, the damage is done—the money and your client’s goodwill can never be recovered, and the originators of the attack have moved on to other vulnerable targets.
Note that spoofing is only a single type of attack that can target your router. Router security is largely misunderstood, and remains a point of vulnerability for thousands of businesses worldwide. NSC Information Technology Group has the expertise to evaluate and secure your business from these attacks. Contact us today for more information.