April 11, 2001, 11:16 AM — Weak security in high-speed ADSL (Asymmetric Digital Subscriber Line) modems from
Alcatel SA could allow hackers to shut down the device, monitor data flows, and
use it for cyber attacks, computer security experts said.
Affected systems are the Alcatel Speed Touch Home ADSL modem and the Alcatel
1000 ADSL Network Termination Device, researchers at the San Diego Supercomputer
Center (SDSC) , a unit of the University of California at San Diego, said in
a security advisory
Tuesday. The Computer Emergency Response Team (CERT) at Carnegie Mellon University
also sent out an alert .
The affected modems are sold worldwide and are widely used in the U.S. as well
as other countries.
The devices allow third-party logon for servicing reasons, such as updating
the firmware. Due to "weak authentication and access control policies"
the function could be abused, CERT and SDSC said.
After gaining access a hacker could install malicious code on the modem, such
as a network "sniffer" that monitors LAN traffic, SDSC said. The hacker
could also use the modem in a DDoS (Distributed Denial of Service) attack.
Alcatel is not impressed with the security alerts, saying that the SDSC was
not able to access the modem without exploiting a security flaw unrelated to
the Alcatel modems.
To access the modem in three of the four cases described the device must initially
be fooled into thinking the traffic originated from the local network. To do
this the attacker must use a system on the LAN side of the ADSL modem to relay
traffic to the modem. This is done via the UDP (User Datagram Protocol) echo
service, which should be disabled.
"This is a general network security issue," said Karsten Verhaegen,
business development director for ADSL modems at Alcatel. "We advise all
users to install firewall software to protect themselves from issues like these."
In the fourth case described the attacker needs to have physical access to
the DSL wire.
Verhaegen further criticized the security probe.
"The Speed Touch Home and the ADSL Network Termination Device, a predecessor
to the Speed Touch Home, are not designed for use in a LAN. We have a Speed
Touch Pro with firewall for those professional environments," he said.
Nevertheless, another Alcatel spokesman said the company's engineers are in
contact with SDSC and CERT to determine what the problems are and, if there
are problems, what to do about them.
Co-author of the SDSC advisory is Tsutomu Shimomura, a well-known security
researcher and co-author of "Takedown," on the arrest of hacker Kevin
Mitnick.
Alcatel shipped 636,800 DSL modems in the fourth quarter of last year, making
it market leader with a 34.9 percent share of the worldwide DSL modem market,
according to researcher Dell'Oro Group Inc.
