With increasing digitalization, the Internet of Things is finding its way into more and more private households in Germany. The central component of the home network consisting of PC , smartphone , smart TV , smart home devices such as roller shutter controls or WiFi- enabled refrigerators is the router, which is both the gateway to the Internet and the management platform for the home network. All information and data that is exchanged in the home network and/or over the Internet runs through the router.
Anyone who has access to the router often also has access to private data. In order to prevent access by unauthorized third parties, the router should be appropriately secured. Given its responsibility for digital consumer protection, the Federal Office for Information Security ( BSI ) has now published the Technical Guideline “Secure Broadband Router” ( TR -03148). The technical guidelines are aimed primarily at manufacturers of broadband routers and define a minimum level of IT security measures that should be implemented for routers in the end customer sector. The aim of the TR is also to make the safety properties transparent for consumers. Manufacturers can support this with suitable labeling on the device. The publication of the TR routers is therefore an important step towards an IT security label, as envisaged cyber The BSI IT requirements for other Internet of Things and Smart Home devices .
“With every new smartphone, laptop or smart household device, not only does the Internet of Things get a little bigger, but also the available attack surface.
The smart home has long been the focus of internet criminals, who are developing new methods and means of attack every day to penetrate the home network, steal data or manipulate web transactions.
In the spirit of digital consumer protection, we enable better protection of the home network with the Technical Guideline for Routers so that users can enjoy the advantages of digitalization and the smart home.
We appeal to the manufacturers to accept this offer and to build a minimum level of security into the routers using 'Security by Design'
,” explains BSI President Arne Schönbohm.
The Technical Guideline is the result of an intensive and constructive discussion with manufacturers, telecommunications providers and associations as well as representatives of authorities and civil society. Routers play a special role as an interface between the public Internet and the private network. They are not only a protective shield for attacks against components within the private network, but also a potential gateway for cyber attacks. In November 2016, for example, there was a widespread cyber attack that also affected routers from a German telecommunications provider and resulted in around 900,000 routers failing and the owners being unable to make phone calls or use the Internet for several days. In addition, a study published by the American Consumer Institute (ACI) in May 2018 made it clear that many routers have long-known security vulnerabilities that have not yet been closed.
Transparency for the user
With the Technical Guideline, the BSI created a basis for making routers more resilient and better protected against attacks. The technical guidelines already specify security requirements that have been tried and tested in practice for the interfaces and functionalities of the router over its entire operating time. For example, the ability to updates on the router is required and the consumer can clearly see how long the router will be provided with (security-relevant) updates . In order to comply with the technical guidelines, the manufacturer is required to close serious security gaps by providing an appropriate update or to transparently terminate maintenance of the router.
This makes it at least more difficult, if not impossible, for attackers to systematically exploit security gaps in routers. Further requirements of the TR relate to minimizing the services running on the device for the functionalities selected by the user, a firewall , and requirements for initial passwords and encryption. For example, requirements for the authentication required to access the router's configuration interface are defined. BSI addresses WiFi offered by many routers in the TR in order to prevent unnoticed and unauthorized access to the private network.
available for download on the BSI at https://www.bsi.bund.de/router-tr
Source: www.bsi.bund.de
If you enjoyed this post and value the importance of well-founded information, become part of the exclusive Mimikama Club! Support our work and help us promote awareness and combat misinformation. As a club member you receive:
📬 Special Weekly Newsletter: Get exclusive content straight to your inbox.
🎥 Exclusive video* “Fact Checker Basic Course”: Learn from Andre Wolf how to recognize and combat misinformation.
📅 Early access to in-depth articles and fact checks: always be one step ahead.
📄 Bonus articles, just for you: Discover content you won't find anywhere else.
📝 Participation in webinars and workshops : Join us live or watch the recordings.
✔️ Quality exchange: Discuss safely in our comment function without trolls and bots.
Join us and become part of a community that stands for truth and clarity. Together we can make the world a little better!
* In this special course, Andre Wolf will teach you how to recognize and effectively combat misinformation. After completing the video, you have the opportunity to join our research team and actively participate in the education - an opportunity that is exclusively reserved for our club members!
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )

