We have a small home office and in light of other posts here questioning Ubiquiti Edge OS Routers being infected with malware, a court order?, and the current article on Bleeping Computer About the FBI blocking malware on the Edge routers, are any of their edge routers really safe to use? Should I be looking at some other manufacture for a router?
My edge OS router does not use the default user/password, and does have the latest software available for it installed.
Would edge switches also be affected by this malware? I have an edge switch but Ubiquiti no longer updates the switch software.
Should I throw both in the trash and use some other manufactures equipment or just hang on to what I have as other manufactures seem to also have recent malware issues? We already moved away from QNAP servers as they can’t seem to remain secure even when on the current updates, and we don’t have a lot of extra money to be replacing working network equipment because some manufacture decides they won’t fix simple security issues without the government stepping in.
Maybe do a bit more research into the headlines you read - the ones from bleeping computers and tom’s hardware and many others include the fact that the infected routers were accessible because they were still using the default admin password, not from any vulnerability. So if you changed the password, no risk. This could (and has) happened with routers of every other brand, with more or less media attention.
The only questionable aspect from a security perspective is that Edge devices make the linux shell so easily accessible - which is considered a desirable feature by most users. PFSense is the same, if you can SSH then you can drop to the shell (the fact that it is BSD doesn’t matter as far as malicious intent is concerned). Brands that I know make this harder are Cisco and Mikrotik.
Never assume anything is secure… Security is a journey, not a destination…
never use default and dont fall into the user friendliness trap… always harden the system if it’s possible.
You dont have comfort in a racing car as you want to win the race… so why have comfort in security just because others in the company or home is lazy.
If you changed the default user password then you should have no immedu=iate concerns. However, that equipment is dated and system updates are far and few between. Might be a good move to plan/budget for newer networking gear.
