FOR IMMEDIATE RELEASE: Washington, D.C. (September 26, 2018)— “5 of every 6 routers are inadequately updated for known security flaws, leaving connected devices open to cyberattacks that can compromise consumer privacy and lead to financial loss,” according to a new study released today by the American Consumer Institute. The study, “Securing IoT Devices: How Safe Is Your Wi-Fi Router?— finds that the majority of Wi-Fi router manufacturers are neglecting to update their firmware for known vulnerabilities leaving consumers at risk of having their data compromised and identity stolen.

The results show that this problem is pervasive among the most popular Wi-Fi routers in peoples’ homes:

  • 83 percent of the analyzed routers were found to have vulnerabilities to potential cyberattacks;
  • Across all severity levels, 32,003 vulnerabilities were found in a sample of 186 routers— on average, routers contained 172 vulnerabilities; and
  • 28 percent of the vulnerabilities found were categorized as “high risk” or “critical” with an average of 12 critical vulnerabilities and 36 high-risk vulnerabilities for each router.

According to the study, the problem is likely to be more common for IoT devices since cyberattacks can cause massive damage to all connected devices.

“Simply resetting your router is not enough,” the study warns.  “Automated updates are by far the most feasible option to keep IoT devices and consumer data safe.”

The study stresses the severe consequences of Wi-Fi router manufacturers leaving IoT devices unpatched for known vulnerabilities and the urgency for these manufacturers to commit more resources to identify and mitigate vulnerabilities in open source to reduce cybersecurity threats that put consumers, the infrastructure, and the economy at risk.

A full copy of the study is available online here.