Thrangrycat Bug – A Threat to Cisco Routers Worldwide

A router is the main bridge between the internet connection and your family. The most popular routers around the world are manufactured by Cisco. Cisco routers are exposed to a potential risk termed “Thrangrycat.” It is a bug that can give access to the data flowing through Cisco routers.

Cisco routers, especially the Cisco 1001-X model, are being compromised, which has the potential to cause global havoc. These routers are used almost everywhere, from malls to corporate offices and research institutions. The router is also used in homes and schools, which means your online security is at risk.

How Did It All Happen?

Hackers have found a way to get into the system in two steps. First, there was already a bug inside the Cisco IOS operating system that went undiscovered for a long time and may have caused serious havoc that was never reported. It allowed gaining access to the router. Second, using that access, the intruders were able to get into the system and disable the router’s most integral security feature, the trust anchor.

These steps can allegedly be repeated on several other Cisco devices all across the globe, and the data can then be used for nefarious purposes.

Experts were satisfied with routers that have robust security features and a solid operating system.

What is Trust Anchor?

A trust anchor is a layer of security put in place by Cisco’s developers to act as a final fail-safe. Many companies use a solution of this kind in their hardware products. In case you are wondering which ones:

  • Apple uses Enclaves,
  • Intel uses SGX,
  • ARM-based CPUs use TrustZone.

And the list goes on.

The trust anchor is the ultimate firewall, and it is highly responsive when a hack is under way, but that doesn’t mean it has no vulnerabilities. No matter where you live, what you do and what you have, you are a step closer to risk every minute you are online. Losing your private pictures, financial credentials or important documents can be highly dangerous and can cost you hundreds or millions of dollars.

How Did the Thrangrycat Hack Start?

Whenever a trust anchor identifies that a compromise has been made, it waits for 100 seconds and then shuts off the power. You may wonder why 100 seconds: the pause is there to deploy anti-hacking measures.

The researchers found that the trust anchor can be fooled by resetting the power pin. After several rounds of trial and error, they found the right pin, traced it back to the particular bitstream and modified it.

This modification disabled the trust anchor. So when the hack was carried out, the device booted up normally; the trust anchor did identify a breach but could do nothing about it.

Analyzing Damage Done

Cisco recently announced a security update, after which the company claims that the issue has been fixed. However, many experts still believe that the issue is on the hardware side, not the software side.

The demonstrated flaw is a physical one, and the Cisco 1001-X demands an architectural change in the operating system.

No complaints have been reported as yet. However, there is a chance that users might not know that their data is being compromised in the first place.

Conclusion

Routers are an integral part of internet usage. People who use Cisco’s routers should pay attention to the ongoing breaches and news about the product. It is now clear that almost everything is exposed to risk; what’s important is to see how you can stay away from it.

Cisco is not the only brand affected by vulnerabilities in the router domain. Security researchers have seen risks in the Verizon Fios router as well. So the bottom line is that being protected is a virtue; how you stay protected depends on your preferences.
