In June 2017, WikiLeaks released secret documents that exposed the tools the CIA uses to infiltrate public and private networks through routers.
These documents have shined a light on how easy it is for someone to hack a router. This begs the question, are your business’ IT security practices keeping your data safe? There’s plenty your business can do to protect your routers, which are often loaded with security holes from nefarious individuals.
Change the Default Admin Name and Password
It’s very common for routers to ship with manufacturer-specific default admin credentials – these are often as simple as using the name “admin” for the admin name and having a blank password. Changing these to a unique name and secure password will go a very long way in protecting your network. To put the severity of this issue into perspective: hackers took advantage of default credentials on IoT devices to launch a massive attack on important Internet infrastructure servers in late 2016.
The information is easily accessible. There are websites like routerpasswords.com that store the default credential settings for just about any router on the market. However, these sites themselves can be helpful for individuals who reset a device to factory settings and forget the default credentials.
Change the SSID
LifeHacker recommends changing your network’s broadcast name, or SSID, because the default names usually give away the router’s manufacturer and may give hints as to the model number. Knowing the brand makes it much easier to break into a router because manufacturers tend to leave the same security holes across many models.
Change the Firmware
If the router supports its alternative firmware like DD-WRT or Tomato, installing either will give the router a security edge. In addition to changing the firmware to something other than what the manufacturer uses, which will render brand-specific firmware exploits useless, these alternative firmware implementations are more secure than what comes stock. If you can’t change the firmware, just make sure your IT staff keeps the router running the latest official version.
Disable Unused Features
Improve router security by turning off any feature your company isn’t using. Disabling features can also disable the security exploits that existing within the features themselves. Unused features can include things like remote administration, Telnet access, WPS, and UPnP.
How to Tell If You’ve Been Hacked (and What to do Next)
A good hack is an invisible hack, so your business should periodically check to see if your network security has been compromised. Hackers can try to accumulate a massive network of hacked routers to perform IoT botnet-style attacks, which may only show occasional performance drops as symptoms.
Checking the router is pretty straightforward. Technology expert Kim Komando recommends using the online tool F-Secure Router Checker to scan for issues. If the test identifies a hacked router, the fastest way to resolve the problem is to run a factory reset on the router, update the firmware, set secure credentials, and reconfigure the network.