Recently published reports have uncovered critical security vulnerabilities that could be exploited and lead to unauthorized remote control of wireless routers. Basically, if the router becomes compromised, the hacker can gain access to the firewall along with the ability to retrieve credit card numbers, confidential documents, passwords, photos and more.
There are three well-known types of attacks:
- Attacks can be launched directly against the router without access to credentials.
- Human activity that allows unauthenticated attacks, which require following a malicious link or browsing an unsafe page.
- Authenticated attacks, which require the attacker to have access to credentials or that the victim is logged on with an active session.
Unfortunately, there is no fool-proof way to prevent an attack, but here are some common-sense steps that can help:
- Follow the manufacturer’s directions to properly set-up your router.
- After installing a new router, update the firmware. Continue to access updates on a regular basis, since they are usually not automatic.
- Change the router’s default username and passwords. Make them something unique and complicated. (Please note, some router firmware will not allow you to change the username, so this may not be an option.)
- Clear the browser cache and cookies after changing any router setting.
- Use WPA2 security protocol instead of WEP. WEP works by using secret keys or codes to encrypt data. It is defined as the 802.11 standard and aims to provide security by encrypting data over radio waves as they are transmitted from one point to another. Since the same codes are generally used for long periods of time, they can be hacked more easily. WPA2 is the latest implementation of WPA, and offers a higher level of assurance that only authorized users can access the wireless network. It is based on 802.11i standard and provides government grade security. The type of security you use is dependent upon the wireless router vendor, so reference the user manual for your router.
- While Wi-Fi Protected Setup provides an easy to use WPA2 configuration, it has its own flaws. It is recommended that WPS be turned off to avoid leaving a potential vulnerability open to the public.
- Turn off remote administration.
- Avoid questionable links and websites.