The introduction of the home router was a great advancement in security for many owners. Before routers, most PC users relied only on a software firewall or, more often than not, ran no firewall at all. Routers with built-in firewalls have generally been a very good thing.
An item that provides safety can also lead to a false sense of security, however, and leave users vulnerable when attacks that they thought impossible occur. Routers are no different. They can be difficult to set up and often require updates to patch exploits discovered after release. Here’s what you must do to make your router is a boon instead of a burden.
WiFi Is Secure, Except When It Isn’t
All modern WiFi routers provide a variety of encryption choices that are used to make traffic unintelligible to anyone trying to sniff Wi-Fi packets out of the air. At a basic level all forms of encryption work, but some work better than others, and routers are lamentably silent when it comes to providing advice. Many routers list the oldest and least secure option, WEP, at the top of the list – so users often select it.
How can you fix it? The best WiFi encryption option is WPA2. You’ll probably have this choice unless your router is more than eight years old. Though not invincible, it’s unlikely anyone will go to the bother of cracking your WPA2 secured network. You should make sure to pick a long and highly random password, too, since this will make a brute-force attack against your network much more difficult.
You also should disable WPA2-PSK (the PSK standards for pre-shared key) if given the option. This form of encryption has been cracked, and can by-passed with relatively simple tools within a few minutes, no real hacking required. See our article on changing your Wi-Fi password for more details.
Don’t Trust Your Router’s Firewall
The built-in firewall found in a router is one of its best traits. It provides a solid barrier between your home network and the Internet at large, making exploits that transfer themselves across the Internet, aka “worms,” more difficult to pull off.
But your router’s firewall isn’t perfect. In addition to exploits, which I’ll address in detail shortly, routers are prone to simple misconfiguration. Home users often have difficulty navigating complex are unintuitive router menus.
How can you fix it? Use a software firewall. You can use the built-in firewall in Windows or one of the many free firewall options available. Also, you should remember to close any unsecured gaps you might have opened in your router’s firewall. Many people open ports to make software work, but never close them after they stop using the app.
The Malicious March of Progress
Researchers have found a broad range of potential exploits in common consumer routers from companies like D-Link and ASUS. While most are not attacks that were found in the wild but instead discovered in a laboratory, the findings prove that routers are not fortresses. In fact, ever-expanding feature sets seem to provide more potential for exploitation.
How can you fix it? Keep up to date on your router’s firmware. Modern routers sometimes have an automatic update feature, or allow you to update with the press of a button. If you find that option in your router’s options, that’s great. If you don’t, you’ll need to visit the support site of the router’s manufacturer and download an update, then install it manually.
The Classic Password Problem
Home routers are always secured by a password. As explained earlier, this makes routers open to brute-force attacks, which can be effective if a password is too short. But there’s more to worry about than random brute-force hacking; in fact, that’s an unlikely scenario. What’s more likely is that someone will guess or discover your password.
Discovery can be simple. Does your girlfriend or boyfriend know your password? What about your co-workers? Family? Friends? Many of the people who might know your password probably know it because you told them. And your password might be easy to guess if you use the name of a pet or a variation of your birth date.
How can you fix it? Start creating strong and memorable passwords, which will help you learn the basics of a good password. Change your router’s password to something that is not at all associated with your personal life or interests and introduce random characters to it. Also, change your password every few months. A simple Google Calendar reminder can ensure you do so.
Connected Storage Is Helpful but Risky
Many recent routers have added a helpful connected storage feature, usually enabled by a USB port. The idea is that you can connect an external hard drive directly to the router, making it easy for all other computers in your home network to access. And since it’s connected to the router, not a computer, it doesn’t rely on any particular PC being turned on.
Sounds great, right? But there’s also a security risk here. The first problem is the obvious fact that anyone who has access to your home network will likely have access to the files stored on the shared drive. Worse, several security flaws have been found in routers with this feature, which potentially make the drive visible to people not even connected to your network.
How can you fix it? The simple answer is to not use a drive connected directly to your router. A more practical option, though perhaps less secure, is to only use the drive for files that aren’t sensitive. You could also use file encryption, though it will add an extra step into using files stored on the drive.
Don’t Let Your Router Become a Security Time Bomb
Routers are still a boon for home networks, but they’ve certainly suffered their fair share of problems – and it’s likely to get worse. Common network hardware, like a common operating system, is often targeted because it’s popular.
Finding an exploit in a popular router can provide access to hundreds of thousands of victims. This doesn’t mean you have to treat your router like a time bomb, but you do need to beware of the potential pitfalls and take steps to lessen how they can affect you.
What do you think of router security? Do you feel it’s sufficient, or have manufacturers become lazy? Let us know in the comments!