Talk Talk's cyber security advice to customers is very worrying. Many UK customes have DSL-3780 routers which Talk Talk preconfigure to allow remote administration (using TR069). Although in theory this allows the routers to be maintained by Talk Talk remotely this tool has been exploited to steal information from home users including router passwords, MAC addresses (network IDs) and SSIDs (wifi network names).
Together this information can be used by cyber attackers to take control of users home networks. There is enough information to effectively steal identities, hack personal computers, steal cloud credentials, photos and videos. More worryingly attackers can use this information to set up fake websites (such as a copy of your bank) that look identical to your normal website, allowing attackers into your bank accounts. For high profile people, this is a particularly worrying time.
Talk Talk's advice is to not worry, and not change your passwords. This isn't good enough.
Cyber-Shadow can help, but even if you can't afford our services we offer the following advice:
- Log in to your router, select the "Advanced" options
- In the Advances, Network Tools section disable TR069
- Change your wifi password in the Setup, Wireless Setup section
- Change your router password in the Maintenance, Administration section
- Change your wireless SSID in Setup, Wireless Setup
Other things to improve your security:
- We also recommend you deactivate ACL in Advance, Network Tools.
- We recommend you only allow specific devices onto your network by using a MAC whitelist in Advanced, Advanced Wireless, WLAN Access Rules
If you need help securing your network, beyond these basics, for true peace of mind Contact Us today.