The 5 most common router attacks on a network

The 5 most common router attacks on a network

Unfortunately, router attacks cannot be 100 percent prevented, but there are a few things that you can be doing to prevent one of the most common router attacks from occurring on your system and network.

Large organisations are vulnerable to widespread attacks, with come being malicious and some carried out simply to prove a point. A lot of hackers enjoy breaking a server or router simply because they get a buzz from proving that they’re good enough to do it.

Some of the most common router attacks generally include:

  • Denial of Service (DOS)
  • Packet Mistreating Attacks (PMA)
  • Routing Table Poisoning (RTP)
  • Hit and Run (HAR)
  • Persistent Attacks (PA)

Denials of service attacks are most frequent (DOS)
You may have heard this term before, or maybe even the acronym DOS? This is a very common technique used by hackers to disrupt an entire network and router.

The attacker or attackers use a series of requests to simply flood the routers networks with message requests. They send requests using ICMP packets. This stands for Internet Control Message Protocol. These packets are sent over a short space of time from multiple locations.

For example: there could be requests from China, Singapore, UK, USA and India and the routers simply cannot handle the sheer volume of the requests at one time, causing the traffic on the network to increase and as a result the entire network goes down.

A DOS attack can have serious consequences on a network and it can bring an entire organisation to a standstill. The best way to protect your business from a DOS attack is to configure your firewall and encryptions correctly. Alternatively, you can use the services of a networking engineer.

Packet mistreating attacks aim to inject malicious code
The second most common router attack comes in the form of packet mistreating. Similar to DOS attacks, packet mistreating injects packets with malicious codes designed to confuse and disrupt the router and network.

As the name of the hacking technique suggests, the data packets mistreat the router, as a result, the router begins to mistreat the harmful packages within the system.

Every router has something called a routing process. The introduction of these harmful packages within the routing process means that the router can no longer handle the number of packets currently on the routing table.

As the routers become more and more confused, its vulnerability becomes really exposed as the malicious data starts to circulate around the network creating a loop. This proceeds to causing major congestion on the network and makes it extremely difficult for any networking team to debug.

As part of any data cabling installation, you should ensure that the routers and networks are secure and provide ongoing testing to prevent such attacks.

Routing table poisoning manipulates the routing table
As we mentioned on the previous point, each router has something called a routing table that transfers and receives information. Unfortunately, without the correct protection and encryption, the routing table can become extremely vulnerable.

Routing table poisoning occurs when there is a drastic malicious change in the routing tables routine. These aggressive attacks are achieved by editing the information packets that are cycled through the routing table.

Routing poisoning can cause extremely harmful damage to networks and servers as a result of the incorrect data being added to the routing table.

Hit and run attacks
Another of the most common router attacks is something called a hit and run attack and they are designed as one off attack on a specific network or router.

Hot and run attacks are often referred to as ‘test hacks’ and also occur when malicious data is injected into router through code. Usually if an attacker fails at their first attempt, they may, or may not progress and make further attempts on the system.

Hit and run router attacks are easier to spot, as the router that is under attack will usually begin displaying unusual activities outside of its usual routine.

Networking professionals can then act on the hack and secure the systems. However, if an attack does go unnoticed, a hit and run attack can cause serious damage to the router.

Persistent attacks on routers
Persistent router attacks are very similar to hit and run, in which they both look to inject frequent harmful data packages into the router and network, helping the hackers gain control.

However, unlike the hit and run attacks that we previously discussed, the persistent attacks are exactly as they sound. Whereas the hit and run attacks would start and finish as a one off, the persistent attacks can occur and continue to occur until the attacker has achieved their goal.

The attackers will continue to inject harmful packets into the routing table, so it is easy to confuse a persistent attack with a routing table poisoning attacker.

The overall aim of persistent router attacks is to attack the networks vulnerabilities and expose them.

Browse our latest issue

Intelligent CISO

View Magazine Archive