When was the last time you looked at your home router? We tend to only notice these magical boxes when something goes wrong. And given that many of us get our router as part of a single broadband box (technically known as a gateway, combining modem and router in one device), there’s even less incentive to peek under the covers and get familiar with the technology. Yet as our main link to the internet, either by Ethernet cable or Wi-Fi, routers play an absolutely crucial role for us, akin to a cyber front door for the smart home.
There’s just one problem: hackers know this and they’re becoming increasingly adept at exploiting any security weaknesses on these devices to grab our data, install malware, and remotely control our smart devices.
New research published by Consumer Reports reveals that many of the home routers sold in the US today are still missing basic protections. It’s time we got to grips with our routers (or the routers in our gateways), and took proactive steps to protect the smart home.
The gateway to your smart home
There was a time when the router simply provided an internet connection for your home PC, your laptop and/or your mobile devices, assigning an identity (an IP address) to each to enable their connections. Things have since become a lot more complicated. With the advent of the Internet of Things (IoT), over a quarter (27%) of US consumers now claim to have three or more smart home devices. These could be anything from smart TVs and speakers to connected baby and home security monitors, to smart door locks and intelligent refrigerators. It’s no surprise that sales of connected home products in the US alone are estimated to generate $5.4 billion in revenue by the end of 2019.
The router is the network hub for all of this connected technology. It’s vitally important to keep it secure because, unlike PCs and mobile devices, smart gadgets don’t have the capacity for anti-malware software to be installed on them. That means if a hacker manages to get inside your virtual smart home via the router, they could have free reign to target these devices.
How is my router exposed to hackers?
As mentioned above, according to the August 2019 research from Consumer Reports, multiple router models are still failing on security. The non-profit testing body screened for around 60 different indicators of good security and privacy practice. Here’s a brief list of common failings:
- Eleven of the router models tested accept very weak passwords. These would make it easy for malware like Mirai to search for exposed devices online and then crack them open. One router even prevented users from changing its default log-ins of “admin” and “password,” making it even easier to hijack.
- Around two-thirds of the routers had Universal Plug and Play (UPnP) enabled. This protocol enables devices on the network to discover each other, but it has a history of serious security vulnerabilities.
- Eleven of the routers appraised did not support automatic software updates. These are crucial to keeping devices secure from the latest threats, which try to expose emerging vulnerabilities. If security updates aren’t automatic, users may find it hard to apply them, or forget completely, leaving their router exposed indefinitely. A 2018 study by the American Consumer Institute found that 83% of home routers are vulnerable to attack, primarily because of a lack of firmware updates.
What attacks are possible via home routers?
A vulnerable router means a vulnerable smart home. Attackers can target security deficiencies to: steal your most sensitive data and log-ins; take-over your smart devices and router to launch attacks on others; or even manipulate your home gadgets to compromise the physical security of the building. Here’s a breakdown of those threats:
- Attacks target the router in order to take control of smart home devices. These can then be recruited into botnets and used to target others with: DDoS (denial of service), spam, click fraud campaigns, or attempts to hijack consumer accounts en masse (credential stuffing).
- Attacks can change the DNS server your router uses to resolve URLS (websites) into server IP addresses. Your devices can then be redirected to fake but convincing login pages and your credentials and money can be stolen.
- Home devices could also be hijacked to illegally mine for crypto-currency, slowing down your network.
- Your router itself could be remotely controlled and turned into a botnet for the same purposes as the above.
- Attacks could try to compromise smart home systems in order to spy on your family via home security cameras and even unlock smart door and window locks.
- Routers are the gateway for your web traffic. By hijacking them, hackers could monitor your emails and browsing history and grab passwords to sensitive accounts like online banking.
- If you’re a home worker, there’s even a chance that hackers could grab log-ins to corporate accounts, putting your company’s security at risk.
How to protect your router
Because your router is the hub for the entire smart home, it should be your first port of call when looking to improve home cyber security. Consider the following best practice tips:
- Change factory default passwords in your router to strong and unique credentials.
- Switch on two-factor authentication for even more log-in protection, if offered.
- Check regularly for firmware updates and apply them as soon as they’re available. This may require you to visit the manufacturer’s website from time-to-time.
- Use WPA2 on your routers for encrypted Wi-Fi.
- Disable UPnP and any remote management features.
- Set up a guest network for your devices, which isolates harm guests can cause, as well as hackers’ efforts.
- Put the router in middle of house if possible, so the signal is not unduly extended to hackers who may be lurking in parked cars outside.
- Invest in security for your entire home network from a reputable provider like Trend Micro.
How Trend Micro can help
Trend Micro HouseCall for Home Networks, a free application available on Windows, Mac, iOS and Android, helps home users who want to know if their home network or connected devices are vulnerable to hacking or network threats. This free app scans your devices, including your router, for known severe vulnerabilities and provides advice to help you mitigate the risk.
In addition, Trend Micro Home Network Security (HNS) provides deep protection against network intrusions, web threats and identity theft for every device connected to the home network. It features:
- Internal Attack Blocking: HNS scans traffic between the devices in your network and stops them with Intrusion Prevention (IPS). This includes attacks on your router.
- Router Access Protection*: HNS helps stop hackers hijacking your router and making changes to important configurations, such as DNS settings, that can leave your network and devices vulnerable. It does this by blocking unauthorized attempts to access the router’s log-in page.
- Cyberattack Shield*: HNS deploys emergency security from the cloud in the case of a global threat outbreak, which could spread ransomware to your router and network or turn your devices into botnets.
- Vulnerability Check: Scans your router and devices for any known flaws or vulnerabilities that could be used as entry points for hackers and provides guidance to help you resolve the issues, which may include firmware updates.
- Password Check: HNS also scans for weak or default router and device passwords to ensure your devices aren’t exposed to attack.
- Dangerous Website and File Blocking: Blocks malicious websites and files to protect your personal and financial data from hacking, phishing, ransomware, and risky remote connections. Scans potentially executable PDFs and EXEs in the cloud for malware before they are downloaded to your devices.
- Smartphone app: features an easy-to-use app to make changes and get notifications and updates straight to your mobile phone.
* Note: These features are available through the Early Access Program for those who wish to be the first to try the latest protections from Home Network Security.