Millions of crucial links for internet traffic are poorly secured and can be easily exploited by hackers, researchers at KU Leuven reported on Friday.
Tunnelling hosts are servers or computers which act as intermediaries to connect different computer networks. According to the university, over four million of these hosts are vulnerable.
The researchers from KU Leuven's DistriNet research group sent special, harmless test data packets to millions of devices worldwide to see if the servers would pass them on. The packets used a tunnelling protocol, a specific method of packaging.
The research revealed that vulnerable hosts can be exploited by hackers to hide their identity or location and gain access to private networks. They can also be used for Denial of Service (DoS) attacks, which overwhelm a server with requests until it crashes. The researchers identified three new types of attacks that specifically target weak tunnelling hosts.
Vulnerable infrastructure was found across the globe, with significant exposures in China, France, Japan, the United States, and Brazil.
Related News
- Belgian intelligence loses private data to Chinese hackers
- Cyberattack puts Brussels Muntpunt library out of action
- Cybercrime leaders arrested in international ransomware crackdown
Some networks belonged to major companies like China Mobile or Softbank. In France, thousands of home routers from a single internet provider were affected. In Flanders, many Telenet customers were also at risk. All involved parties have been warned and the hosts have been secured.
The study highlights that a network is only as strong as its weakest link. "Many tunnelling hosts were poorly configured and secured, so it is advisable for companies to secure these servers properly," the researchers recommend.
"A server can be configured to accept packets only from trusted IP addresses, reducing many risks. However, using a protocol that provides authentication and encryption is even safer."
