Though only theoretical so far, the problem makes the devices potentially vulnerable to malicious hacker attacks.
The security problems could allow a hacker to bypass people's passwords and alter the devices, rendering the modems temporarily or permanently unusable, researchers said. A hacker also could potentially install code to gather unencrypted credit card information or read unencrypted e-mail messages, investigators said.
Researchers at the San Diego Supercomputer Center, a unit of the University of California at San Diego, published details of their findings in a security advisory Monday night. The Computer Emergency Response Team (CERT), a computer security organization based at Carnegie Mellon University, followed with a similar alert Tuesday. Another author of the alert was Tsutomu Shimomura, a well-known security researcher and co-author of "Takedown," a book on the arrest of hacker Kevin Mitnick.
"Our purpose here is not to beat up Alcatel...but we thought there were enough weaknesses here that we wanted to alert people," said Tom Perrine, manager of security technologies at the San Diego Supercomputer Center and one of the primary researchers who discovered the apparent flaws.
According to these organizations, two models--Alcatel's Speed Touch Home ADSL modem and the Alcatel 1000 Network Termination Device, which are among the most popular broadband modems--could allow a hacker to remotely install new "firmware," the software embedded within the modems.
Exploiting the modems' vulnerabilities could lead to "unauthorized access, unauthorized monitoring, information leakage, denial of service, and permanent disability of affected devices," CERT said.
For its part, Alcatel said it is working with U.S. researchers to determine the extent of the problems.
"Our engineers are in discussions with CERT and the San Diego Supercomputer Center to try to determine what the problem is and, if there is a problem, what to do about it," said Alcatel spokesman Brian Murphy.
The French media has picked up on the issue already. In response, Alcatel posted a statement on its corporate Web site suggesting that customers install a firewall. Firewalls, which can be hardware, software or a combination of the two, are designed to protect a network by blocking unwanted or malicious traffic.
At issue, according to Alcatel's Web site, is a feature that is intended to allow communications service providers to remotely upgrade the software within their customers' modems.
The modems include protections designed to keep intruders out, but the modem owner must deactivate these protections to allow a software upgrade. Hackers are capable of remotely deactivating these protections, leaving the modem vulnerable unless used in conjunction with a firewall, Alcatel said.
The popularity of Alcatel's modems increases the significance of the security concern.
SBC Communications, the top DSL provider in the United States, and BellSouth, another of the nation's major local phone providers, are two customers of Alcatel's broadband modems, Alcatel's Murphy said.
In November, the company said that more than 1.3 million Alcatel DSL modems were in use worldwide. In addition, a February study by market research firm Dell'Oro Group pegged Alcatel as the world's No. 1 DSL modem maker with a 34.9 percent market share. About 1.6 million people use an Alcatel DSL modem worldwide, Dell'Oro said.
Despite the wide use of the vulnerable technology, researchers admit the Alcatel modem problems are arcane and are unlikely to be widely exploited.
"Admittedly, not everyone is going to wake up tomorrow with new firmware in their modem," Perrine said.
Perrine, who said his team was able to gain access to the modems within about three days, estimates a hacker could do the same in about two weeks. "We started talking to (the modem) and it started spilling its guts," he said.