Germany Proposes Router Security Guidelines

Germany Proposes Router Security Guidelines

The German government has prosed guidelines to increase router security including what kind of routers are sold and installed across the country

The German government has published an initial draft of rules on securing Small Office and Home office (SOHO) routers. The draft, published by the German Federal Office for Information Security (BSI), was put together with input from router vendors, German telecoms, and the German hardware community. 

One approved, router manufacturers don't have to abide by these requirements, but if they do, they can use a special sticker on their products showing compliance.

The 22-page document lists several recommendations and rules for various router functions and features including the following rules: 

  • If the router has a guest WiFi mode, this mode must not allow access to the routers configuration panel
  • WiFi passwords should have a length of 20 digits or more
  • WiFi passwords must not contain information derived from the router itself (vendor model, MAC, etc.)
  • The router must allow an authenticated user to change its password
  • In its default state, access to the admin panel must only be allowed via LAN or WiFi interfaces
  • The router admin panel must show the firmware version
  • The router must warn users about an out-of-data or end-of-life firmware

These are just a few of the BSI recommendations, see more in the above linked-document.

Germany is taking steps to standardize router security following an incident that took place at the end of 2016. A British hacker known as "BestBuy" attempted to hack Deutsche Telekom routers, but bungled the firmware update and crashed nearly a million routers across Germany.


About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

  • Until We Meet Again

    A short three years ago we were all pondering whether to attend any tradeshows all thanks to COVID-19. Sorry to bring that nightmare up again, but it seems that little pandemic is in the rear-view mirror, and it’s time to meet again. Read Now

    • ISC West
  • Cyber Hygiene: What it Looks Like for IoT Devices

    Cyber Hygiene: What it Looks Like for IoT Devices

    For our second pillar about the Industrial Internet of Things (IIoT) Pillars of Security, we are going to discuss what cyber hygiene looks like for IoT devices. Read Now

  • ISC West Announces 2023 Keynote Series Speaker Lineup

    The International Security Conference (ISC), in collaboration with premier sponsor Security Industry Association (SIA), announced five of this year’s ISC West Keynote Series speakers. ISC West will kick off its annual conference on March 28 (SIA Education@ISC: March 28-30 | Exhibit Hall: March 29-31) at the Venetian Expo in Las Vegas, Nevada. Read Now

    • ISC West
  • Accelerating Security Modernization

    In recent years, the term “digital transformation” has been one of the most frequently used buzzwords across industries. On its most basic level, it refers to the reimagining of how an organization leverages its technology systems to improve business processes. Read Now

Featured Cybersecurity

New Products

  • SecureAuth

    SecureAuth

    The acceleration of digital transformation initiatives as a result of COVID-19 has created a lasting impact on how businesses empower their workforce and engage customers. 3

  • HID Signo Readers

    HID Signo Readers

    HID Global has announced its HID® Signo™ Biometric Reader 25B that is designed to capture and read fingerprints in real-world applications and conditions. 3

  • D-Tools System Integrator (SI) Software

    D-Tools System Integrator (SI) Software

    D-Tools Inc. has announced the availability of System Integrator version 16, which adds powerful new project and service management capabilities to its award-winning, end-to-end business management solution. 3