As organisations increasingly rely on employees accessing sensitive data from locations beyond the office IT environment, they face a critical challenge: securing those connections. Whether employees are working from home, serviced offices, coworking spaces, or medical office complexes, the networks they connect to often fall outside the organisation’s control—posing a serious cybersecurity risk.
The Growing Threat Landscape
Many networks that employees use for work are far less secure than commonly assumed. Home and public routers, for example, often ship with default settings that users rarely change. The assumption that these devices automatically update to fix security flaws is largely unfounded, leaving them vulnerable to exploitation.
Real-world examples illustrate the risk:
- DrayTek Routers: Researchers discovered a Remote Code Execution (RCE) vulnerability that could allow attackers to take control of the device.
- TP-Link Firmware Exploits: Threat actors have been found infecting router firmware to target entities in the EU.
These examples highlight a growing trend: widely used routers have well-documented vulnerabilities that are easily exploited by cybercriminals.
Why Are Routers and Public Networks a Target?
The answer is simple: these networks serve as gateways to corporate data. If an attacker compromises a router or an unsecured Wi-Fi network in a serviced office, they can intercept traffic, compromise connected devices, or use the network as a foothold for larger attacks. This makes targeting uncontrolled networks a lucrative and relatively easy strategy for cybercriminals.
The Informational Black Hole for IT Teams
From an IT perspective, unmanaged networks are a significant blind spot. Whether employees are connecting through personal home routers, shared coworking spaces, or hotel Wi-Fi, IT teams have no visibility into the security posture of these environments. This lack of control increases the risk of unauthorised access, malware infections, and data breaches.
The Scale of the Problem
For organisations with employees accessing data outside the office IT environment, the scale of the issue is daunting. Managing the security of thousands of different routers and public networks is virtually impossible for IT teams. Yet every single connection represents a potential entry point for attackers.
Dangerous Assumptions
Many assume that Internet Service Providers (ISPs) supply secure and regularly updated routers. In reality, studies show that many ISP-provided routers run outdated firmware, leaving them vulnerable to attacks. Similarly, public Wi-Fi networks in serviced offices or coworking spaces often lack adequate security controls, making them prime targets for cyber threats.
Another common misconception is the belief that “it won’t happen to me.” This false sense of security can lead to complacency, exposing organisations to preventable risks.
The Real-World Consequences
The risks associated with insecure network connections aren’t hypothetical. Exploits targeting Netgear Orbi routers or TP-Link devices infected with Mirai malware have had real-world consequences. The UK’s National Cyber Security Centre (NCSC) has even issued advisories highlighting the dangers of employees connecting to corporate systems via insecure networks.
What Organisations Can Do
Addressing the security risks of uncontrolled networks requires a proactive approach. Here are key steps organisations can take:
- User Education: Empower employees with knowledge about network security risks and how to mitigate them.
- Deploy Secure Managed Routers: Solutions like Loxada’s managed routers provide a secure, controlled connection that ensures work data is always protected—regardless of the security state of the network.
- Ensure Network Separation: Employees should connect work devices through dedicated secure networks rather than sharing connections with personal or public devices.
- Monitor and Enforce Security Policies: Regularly review employee access methods and implement policies that prevent the use of insecure networks.
- Ensure Regular Firmware Updates: Work with employees to confirm that their routers’ firmware is up to date, addressing known vulnerabilities.
- Multi-Factor Authentication (MFA): Implement MFA wherever possible to add an additional layer of security against unauthorised access.
A Call to Action
The risks posed by uncontrolled networks are real and growing. Addressing these vulnerabilities isn’t optional—it’s essential. Solutions like Loxada’s managed routers ensure that every remote connection is as secure as if made from within the office, removing the uncertainty and risk of using insecure networks.
By taking proactive steps, organisations can turn one of their weakest links into a secure, managed part of their cybersecurity strategy, ensuring that sensitive data remains protected—no matter where it is accessed.
Sources
[^1^]: Trellix – RCE in DrayTek Routers
[^2^]: Bleeping Computer – Hackers Infect TP-Link Router Firmware
[^3^]: Wired UK – Router WiFi Security Settings
[^4^]: Bleeping Computer – PoC Exploits for Netgear Orbi Router
[^5^]: Bleeping Computer – TP-Link Archer WiFi Router Flaw
[^6^]: NCSC UK, NSA – APT28 Exploitation of Cisco Routers
[^7^] NCSC – Cyber Threat Report: UK Legal Sector
