What this threat is:
A number of different Linksys router models are at high risk for being taken over, to the point where an attacker can remotely change the router’s administrative passwords, control your entire Internet experience, intercept and read all communication going across the router (including passwords to websites!), and attack the computers behind the router at will.
The problem comes from inadequately written firmware. Firmware is the software that runs on the router itself, but is embedded in the hardware rather than running from a hard drive. In this case, the firmware that was tested had numerous security flaws that made it trivially easy for someone on the outside to take complete control of the router.
Who is vulnerable:
Right now, the assumption is anyone who is using a Linksys router with stock (unmodified, original) firmware.
The router against which many of the tests were run, and on which many of the vulnerabilities were found, was the Linksys EA2700 Network Manager N600 Wi_Fi Wireless-N Router. Unfortunately, the firmware used on this router is the same firmware (with only cosmetic differences) that has been installed on nearly all the Linksys routers released in the last few years. Assume the worst — if you make use of a Linksys router, assume you are vulnerable.
How it manifests:
The description of the vulnerabilities is quite technical. Information about these vulnerabilities was first aired on the blog of Phil Purviance when he contacted Linksys/Cisco about these problems, but received no answer for an entire month.
Ars Technica has a simpler write up, but they fail to note an interesting discrepancy – Belkin (who recently purchased Linksys from Cisco) claims that the flaws discovered were patched in a June 2012 firmware update (which requires the end user to manually install), but Phil Purviance clearly states on his blog that he was already using the latest firmware update.
At the very least, clear indication that your router has been compromised is if you can no longer log in to the router’s administrative interface with the username/password combination that either came with the machine (which is dangerous to keep in place – it should always be changed to something only you know) or that was set up when the router was installed.
Basic actions needed:
Because there are very clear and real indications that the latest “official” firmware updates still contain the flaws in question, there is only one simple solution: purchase and install a router from a different manufacturer to replace your Linksys router.
If you are not comfortable with employing the instructions in the Advanced actions below, the safest bet is to replace the router entirely. Ensure you have someone with technical knowledge to set up your new router so that it has the best security setup possible. There is no way to protect a Linksys router from being attacked at this time, so a complete replacement with a different brand entirely is the only simple solution.
Advanced actions possible:
Replace (or “flash”) your router’s firmware with a third-party, open source firmware such as DD-WRT. This will replace the default, stock firmware (which is what contains the flaws in question) with a third-party firmware that does not contain the flaws. Unfortunately, not all Linksys models are capable of accepting DD-WRT firmware, and research is needed to ensure that there actually is a DD-WRT firmware revision available for your Linksys router model.
However, keep in mind that flashing a router with custom firmware is a very technical process, and is not recommended for someone who isn’t ready to take a big gamble. You have to be absolutely sure that you are flashing the router with the correct firmware (if it is even available) and doing so with the correct sequence of actions. There is a very real danger that you can “brick” your router (as in, turn it into something about as useful as a brick) if you use the wrong firmware or install the firmware with the wrong sequence of actions.
Any competent computer professional should be able to successfully analyze your router for its appropriateness for being upgraded with DD-WRT, as well as being able to do the upgrading itself. If you do not want to buy a complete new router, I would strongly recommend finding someone who can upgrade the firmware of your Linksys router to DD-WRT. I have done so myself on my own Linksys E3000 (I purchased that specific model for that very reason), and find DD-WRT to be a much more powerful and secure solution than the stock (original) firmware.