Hackers are always on the hunt for vulnerable routers. Your router, after all, is your main gateway to the internet. It is an important component in our internet-connected households and businesses.
We've been warning you about how vulnerable your router can be if it's not configured properly. Hackers can hijack it to harvest your personal information, commandeer your smart devices, install malware on your computer and redirect your traffic to fake websites.
And it's not just cybercriminals that we need to guard against. State-sponsored hackers that have completely different motives are equally dangerous too.
Russian hackers are after your router
A few weeks ago, the United States Computer Emergency Readiness Team (US-CERT) issued an alert about Russian state-supported hackers carrying out attacks against a large number of home routers in the U.S.
These Russian hackers are reportedly using known weaknesses to infiltrate residential routers and utilize them to get a foothold on a network and execute these further attacks:
- identify other vulnerable devices in the network
- read your gadget configurations
- map your internal network
- harvest usernames and passwords
- impersonate administrators
- modify firmware
- modify operating systems
- change configurations
- spy on your traffic and redirect it through Russian-controlled servers
What can happen when your router is compromised?
As you can see, when your router is compromised, a hacker can do all sorts of malicious activity, not just on the router itself, but on every connected device in your network.
One of the more popular router hacking techniques is DNS hijacking. DNS hijacking of unsecured Wi-Fi routers is nothing new, of course, and we've talked about this technique before with malware like Switcher and other malicious DNS changers.
It's when hackers alter your router's DNS settings to intercept your traffic, then redirect you to fake versions of legitimate sites designed to steal your credentials. This includes banking information, and even the codes you use for two-factor authentication.
Basically, if your router's DNS servers have been switched to the attackers', they can hijack and redirect all your traffic to any site they want. It's a serious problem, indeed. Once your router is compromised and its DNS settings altered, potentially all of the computers and gadgets in your network can be exploited and targeted.
Another common use for router hijacking is for executing distributed-denial-of-service (DDoS) attacks.
DDoS is an attack where a targeted website is flooded by an overwhelming amount of requests from millions of connected machines in order to bring it down. Traditionally, these attacks are launched from compromised computers and mobile gadgets collectively nicknamed "botnet."
This means unsecured routers, printers, IP web cameras, DVRs, cable boxes, connected "smart" appliances such as Wi-Fi light bulbs and smart locks can be hijacked and involved in cyberattacks without the owner knowing about it.
How to protect your router from attacks
Here are various ways to shield your router from attacks, making it harder to infiltrate and hack.
1. Update your firmware regularly
With hackers constantly looking for firmware flaws to exploit, keeping your router's firmware up to date is a must.
The process is not as hard as it sounds. Once you're in the router's admin page, check for a section called "Advanced" or "Management" to look for firmware updates, then just download and apply as required.
You should check for router firmware updates at least once every three months.
2. Change the default passwords
When you installed your router, did you remember to do this one critical step - changing its default administrator password?
Basically, if someone other than you can get in your router's admin page, then he/she can change any setting they want.
Make sure you've changed the default router password. Every hacker worth his salt has access to all the default passwords of every router brand, so you need to create one of your own that's strong.
3. Turn off remote administration
While you're in your router's administrator page, you can turn off remote administration for better security.
Remote administration is a feature that allows you to log into your router over the internet and manage it. If you’ve ever called tech support, you may have experienced something similar:
Remote administration is a handy tool, especially when you need to fix a problem, but it leaves your computer vulnerable to hackers.
Unless you absolutely need it, turn this feature off. You can find this under your router settings, usually under the “Remote Administration” heading.
While you're at it, you can turn off older internet management protocols like Telnet, TFTP, SNMP, and SMI.
4. Check your DNS settings
To check your router's DNS settings use an online tool.
Click the links provided for detailed steps.
5. Turn on your guest network
There is another simple way to protect your more critical personal devices. Just put them on a separate network that's different from your main one.
You can do this by setting up a completely different Wi-Fi router or by simply enabling your router's "Guest Network" option, a popular feature for most routers.
Guest networks are meant for visitors to your home who might need a Wi-Fi internet connection but you don't want them gaining access to the shared files and devices within your network.
This segregation will also work for your smart appliances and it can shield your main devices from specific Internet-Of-Things attacks.
We have more router security tips! For further reading, click here to learn how to make your router hack-proof.
Test your firewall to make sure it's working
Your firewall is an essential tool that keeps hackers from seeing your computer online. Even if they know your computer's location and IP address, the firewall keeps them from accessing your network. But many don't know if they have a firewall or not, or if it's actually working.