D-Link is one of the largest manufacturers of networking equipment worldwide, both for the domestic market with routers and WiFi Mesh systemsas above all for him professional market with manageable switches, professional WiFi access points and even gateways to have an Internet connection. Now the manufacturer D-Link has confirmed a data leak that has occurred in recent months, although it has not given too many details about this security problem, the truth is that they have confirmed the breach. Do you want to know if you are affected by this security problem?
The cybersecurity of a network equipment manufacturer is essential, especially because we have the solution to Nuclias Cloud which is cloud network management, if a cybercriminal is able to access your systems, they could compromise the networks of thousands of companies, with the consequent security problem. We must also remember that D-Link has multiple models of home IP cameras that make heavy use of the cloud, not only for real-time viewing, but also for recording clips to the cloud. Therefore, it is essential that the security of your systems is very good to protect all your customers.
Data leak by an employee
The manufacturer has confirmed the data breach, although he has commented that the information that has been leaked is “semi-public and of low sensitivity.” They have also indicated “the data has not been confirmed from the cloud, but has probably originated from an old D-View 6 system that is no longer supported, and whose useful life ended in 2015.” From what the manufacturer has commented, it seems that old and unimportant data has been leaked, although the complete data of this security leak remains to be seen. They have also commented that “the data was used for registration purposes at the time, and there is no evidence to suggest that the data contained user IDs or financial information.”
This security issue has been made public two weeks after a cybercriminal said he had stolen personal data of many government officials in Taiwan, in addition, the source code of the manufacturer’s D-View network management software has been obtained, this is has been made public on October 1, 2023. It has been confirmed that this security breach has occurred due to a Phishing attack on an employee, he will surely have received some type of email where he has clicked and his login data has been stolen .
The manufacturer D-Link has hired the popular firm of Trend Micro cybersecurity For the investigation of the incident, we must remember that this company is the one behind the security of the ASUS routers with its AiProtection Pro, a cybersecurity system to avoid and mitigate attacks from the Internet, being capable of blocking hacking attempts thanks to its Bidirectional IPS. In addition, this system is capable of blocking computers on the local network that are infected. In the case of routers and Wi-Fi Mesh systems from the manufacturer D-Link, we do not have this protection system, which is really useful for adding another layer of security to the clients’ local network. The manufacturer TP-Link also has this security system for its home equipment, perfect to protect all its users.
Trend Micro has commented that there have been many inaccuracies and exaggerations, they have stated that the data breach has only compromised 700 obsolete and fragmented records, unlike what The attackers have commented that there are millions of user data that have been stolen. As time goes by we will see who is right. They have also commented that “the login timestamps were manipulated, to make old data appear recent.”
The manufacturer D-Link has also commented that it is unlikely that this security incident will affect its current active customers, however, we believe that it is still too early to say this, especially if the attackers claim that they have made millions of user data.
