Protecting Your Internet Router From CIA Hackers

New Wikileaks release reveals the many ways the CIA can hack internet routers.

June 18, 2017 5:00 am
CIA hacks
New Wikileaks disclosures show how the CIA can hack internet routers for surveillance. (Scott Eells/Bloomberg via Getty Images)

Most Internet routers just sit in the corner of a room and collect dust without getting much attention—except from the CIA.

America’s spy agency has a handful of ways to take advantage of security flaws in Internet routers, according to Wikileaks’ latest Vault 7 dump.

Routers act as the gatekeeper for private networks, letting permitted internet traffic through and keeping unwanted traffic or users out. However, the CIA has a myriad of ways to manipulate this interaction in common routers sold by firms like D-Link and Linksys.

The Verge reports the agency has a program called Cherry Blossom, which modifies router’s firmware to convert it into use for surveillance. The tool allows the hacker to monitor traffic, search for sensitive data like passwords, and even redirect traffic to another website.

The cache of files includes a cadre of stealthy codenames including two exploits (or security flaws) called Tomato and Surfside, according to Wired. To scan a network for vulnerable routers, the CIA allegedly uses a program called Claymore.

Vulnerabilities aside, internet routers are a tantalizing target for hackers, whether they are tax-payer funded or not, because there are almost no red flags obvious to computer users once a router’s been compromised.

The InsideHook Newsletter.

News, advice and insights for the most interesting person in the room.