Late last year we ran a blog on vulnerabilities in D-Link routers. In recent weeks hacks on routers have reportedly picked up with attacks on Linksys and Asus routers. There are even reports of hackers in Poland launching large-scale router attacks to get log-in details and passwords for online bank accounts.
A router used to be simply a router but with increased services running through them they’ve become a gateway into the home and your digital life.
And of course, all your Internet communications go zipping through your router. From a hacker’s perspective a router is an ideal position to listen to traffic, especially if there is more than one computer connected via the router.
Increasing number of attacks on home routers
In theory if a router is compromised, then a hacker is inside the firewall and can pick out credit card numbers out of emails, confidential documents, passwords, photos and just about all the digital things we hold dear. But are routers really under attack or is just a scare story?
Well, it has been revealed that the NSA targets routers as part of its Quantum Insert programme. And some research suggests that as many as 70% of routers for home and small office users have some form of vulnerability. Certainly, according to some sources, the number of attacks on routers has been steadily increasing over the last 12 months.
How do you protect yourself from router hacks?
For the average user it’s actually quite difficult to detect attacks on routers. To get around this it’s easier to take more generic action that protects the router.
One of the first things you could do is check which brand router you are using and then go to the manufacturer’s web site. If there are vulnerabilities specific to the router you use, there should be some information on the web site about firmware updates. Take note and follow the advice.
At a more general level another step is to make sure your router access is encrypted. Wireless routers sometimes come with the encryption feature turned off. You must turn it on. The directions that come with your router should explain how. If they don’t, check the company’s website.
Also change the name of your router from its default setting. The name of your router, usually called the service set identifier or SSID, is likely to be a standard, default ID assigned by the manufacturer. Change the name to something unique that only you know.
The manufacturer of your wireless router probably assigned it a standard default password that allows you to set up and operate the router. Hackers know these default passwords, so change it to something only you know. Use passwords that are at least 10 characters long, the longer the password, the tougher it is to crack.
And finally, make sure you have good antivirus software and a firewall.