Wired ran an article last month about the NSA compromising routers and switches in their spying efforts:
According to the Post, the government planned to expand the program to cover millions of additional foreign machines in the future and preferred hacking routers to individual PCs because it gave agencies access to data from entire networks of computers instead of just individual machines.
This totally makes sense. More often than not the most interesting data is what is transmitted over the network. Also saves on having to compromise multiple computers, instead just breaking into the central point they all share.
Given the revelations of the NSA spying on U.S. citizens this year, it would seem likely that they would use the same approach domestically. There are hundreds of thousands ( if not millions ) of wifi routers, switches, and cable/DSL modems deployed across the U.S. in homes and businesses. Now combine this with the number of reports of simple compromises on some of these devices and you have a recipe for domestic spying on a large scale.
What sort of simple compromises do some wifi routers and switches have? Checkout a report this week on a few Netgear models, and another report earlier in the month about certain D-Link models. Even if these vendors released updated firmware revisions that fixed all of these issues, when is the last time you updated the firmware on your home router, cable/DSL modem, or switch?