January 26, 2013

Belkin to Acquire Linksys

Belkin published a press release today announcing their intent to buy the entire Cisco home network business unit, including Linksys. Cisco has long kept Linksys and Cisco development platforms separate, utilizing Linksys to penetrate the retail market the Cisco brand was ill-equipped to approach. This means this sale should have little impact on the core of Cisco’s business. What about the impact for Belkin/Linksys? I imagine it will work out similarly to when Seagate bought Maxtor: both brands will remain on sale for the time and eventually merge into the single Belkin brand in time.

What Does This Mean For InfoSec?

With neither brand being particular stalwarts in the category, I imagine any merger will not do much to improve matters. A merger of product lines, hardware and software, may open new avenues for attack that were not present on old models.  Additionally, this will result in significantly fewer new models of internet routers appearing for the home market.  This also means there will be twice as many hands working on finding exploits for the ones Belkin/Linksys does make.  Unfortunately, history dictates these hands won’t be doubled at the vendor.  Just as how PC’s tend to be more targeted by malware authors because of increased market share, Belkin taking over the home router business will no doubt make their products even more scrutinized by black and white hats alike.

What Should Be Done About Linksys/Belkin Products?

Follow general best practices regarding Home-class networking appliances.  Keep them out of the enterprise, password protect everything with a strong password, consult security bulletins as they become available and apply patches and updates when able.  If security is a serious concern, consider avoiding the Belkin brand after the merger and consider the security that have been released about a product and brand before making a purchase.