Germany Proposes Router Security Guidelines

Germany Proposes Router Security Guidelines

The German government has prosed guidelines to increase router security including what kind of routers are sold and installed across the country

  • By Sydny Shepard
  • Nov 27, 2018

The German government has published an initial draft of rules on securing Small Office and Home office (SOHO) routers. The draft, published by the German Federal Office for Information Security (BSI), was put together with input from router vendors, German telecoms, and the German hardware community. 

One approved, router manufacturers don't have to abide by these requirements, but if they do, they can use a special sticker on their products showing compliance.

The 22-page document lists several recommendations and rules for various router functions and features including the following rules: 

  • If the router has a guest WiFi mode, this mode must not allow access to the routers configuration panel
  • WiFi passwords should have a length of 20 digits or more
  • WiFi passwords must not contain information derived from the router itself (vendor model, MAC, etc.)
  • The router must allow an authenticated user to change its password
  • In its default state, access to the admin panel must only be allowed via LAN or WiFi interfaces
  • The router admin panel must show the firmware version
  • The router must warn users about an out-of-data or end-of-life firmware

These are just a few of the BSI recommendations, see more in the above linked-document.

Germany is taking steps to standardize router security following an incident that took place at the end of 2016. A British hacker known as "BestBuy" attempted to hack Deutsche Telekom routers, but bungled the firmware update and crashed nearly a million routers across Germany.


About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Brivo, Eagle Eye Networks Merge

    Dean Drako, Chairman of Brivo, the leading global provider of cloud-native access control and smart space technologies, and Founder of Eagle Eye Networks, the global leader in cloud AI video surveillance, today announced the two companies will merge, creating the world’s largest AI cloud-native physical security company. The merged company will operate under the Brivo name and deliver a truly unified cloud-native security platform. Read Now

  • Security Industry Association Announces the 2026 Security Megatrends

    The Security Industry Association (SIA) has identified and forecasted the 2026 Security Megatrends, which form the basis of SIA’s signature annual Security Megatrends report defining the top 10 factors influencing both near- and long-term change in the global security industry. Read Now

  • The Future of Access Control: Cloud-Based Solutions for Safer Workplaces

    Access controls have revolutionized the way we protect our people, assets and operations. Gone are the days of cumbersome keychains and the security liabilities they introduced, but it’s a mistake to think that their evolution has reached its peak. Read Now

  • A Look at AI

    Large language models (LLMs) have taken the world by storm. Within months of OpenAI launching its AI chatbot, ChatGPT, it amassed more than 100 million users, making it the fastest-growing consumer application in history. Read Now

  • First, Do No Harm: Responsibly Applying Artificial Intelligence

    It was 2022 when early LLMs (Large Language Models) brought the term “AI” into mainstream public consciousness and since then, we’ve seen security corporations and integrators attempt to develop their solutions and sales pitches around the biggest tech boom of the 21st century. However, not all “artificial intelligence” is equally suitable for security applications, and it’s essential for end users to remain vigilant in understanding how their solutions are utilizing AI. Read Now

Most   Popular

New Products

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.