Cisco routers around the world are exposed to a potential risk termed “Thrangrycat.” It is a bug that can give access to the data flowing through Cisco routers.
Cisco routers, especially the Cisco 1001-X model, can be compromised, with the potential to cause global havoc. These routers are used almost everywhere, from malls to corporate offices and research institutions.
How Did It All Happen?
The hackers got into the system in two steps. First, a bug already present in the Cisco IOS operating system allowed them to gain access to the router. Second, using that access, the intruders were able to disable the router’s most integral security feature, the trust anchor.
These steps can allegedly be repeated on several other Cisco devices across the globe, and the data can then be used for nefarious purposes.
Experts had been satisfied with routers that have robust security features and a solid operating system.
What is Trust Anchor?
A trust anchor is a layer of security that the Cisco developers put in place to act as a final fail-safe. Many companies use a solution of this kind in their hardware products, for example:
• Apple uses Enclaves,
• Intel uses SGX,
• ARM-based CPUs use TrustZone.
And the list goes on.
The trust anchor is the ultimate firewall and responds quickly to a hacking attempt, but that does not mean it has no vulnerability.
How Did the Thrangrycat Hack Start?
Whenever the trust anchor identifies that a compromise has been made, it waits for 100 seconds and then shuts off the power. You may wonder why 100 seconds: the pause is there to deploy anti-hacking measures.
The researchers found that the trust anchor can be fooled by resetting the power pin. After much trial and error, they found the right pin, traced it back to the particular part of the bitstream, and modified it.
This modification disabled the trust anchor. So when the hack was carried out, the device booted up normally; the trust anchor did identify a breach but could do nothing about it.
Analyzing Damage Done
Cisco recently announced a security update, after which the company claims that the issue has been fixed. However, many experts still believe that the issue is on the hardware side, not the software.
The demonstrated flaw is a physical one, and the Cisco 1001-X demands an architectural change in the operating system.
No complaints have been reported as yet. However, there is a chance that a user might not know that their data is being compromised in the first place.
Routers are an integral part of internet usage. People who are using Cisco’s routers should pay attention to the ongoing breaches and news about the product. It is now clear that almost everything is exposed to risks; what’s important is to see how you can stay away from risk.
Cisco is not the only brand affected by vulnerabilities in the router domain.
Security researchers have found risks in the Verizon Fios router as well. So the bottom line is that being protected is a virtue; how you stay protected depends on your preferences.