Most WiFi users assume their home and small office networks are secure. When they’re not, it’s often due to their own careless wireless behavior — everything from using weak passwords to outdated security.
But according to a new study by Independent Security Evaluators of Baltimore, WiFi users aren’t the only ones to blame for some very serious security threats.
ISE found that nearly all of 13 popular home and small office (SOHO) routers have critical security vulnerabilities that could allow hackers without a lot of expertise to compromise and control them remotely — making it possible to sniff or modify network traffic.
ISE’s report concluded that all 13 routers could be taken over from the Local Area Network, while 11 of the 13 could be taken over from the Wide Area Network. The routers tested came from Linksys, Netgear, Verizon, Belkin and D-Link.
How Compromised Routers Could Destroy Your Online Security
A compromised router opens the door for an attacker to intercept the traffic of anyone on the network. If the traffic isn’t encrypted by a virtual private network (VPN), he can view it. An attacker who has exploited the router’s vulnerabilities can also use man-in-the-middle attacks to launch more sophisticated attacks against all users in the router’s domain. According to ISE, these include sniffing and rerouting all non-SSL protected traffic, altering DNS settings, performing denial of service attacks and impersonating servers.
The security risks created by compromised routers don’t end there.
Routers are also firewalls that often represent the first and last line of defense for protecting the local network. And there’s more bad news from the ISE report: “ISPs deploying large numbers of vulnerable routers could also give hackers a way into their core infrastructure.” Let’s hope ISPs are paying close attention to this threat.
Independent Security Evaluators urged router vendors to focus on addressing the critical security risks it discovered. It plans to do a follow-up router study in the near future. While ISE says there’s little the average home/small business router user can do to fully mitigate these attacks, there are some steps you can take to enhance your online security.
What You Can Do to Secure Your Router and Your Network
The FBI and the Federal Trade Commission recommend changing the default identification and the administrative password on your wireless router; creating a long, strong password of upper- and lower-case letters, numbers and symbols; and securing your wireless network with WPA2 security. We also recommend disabling remote management and requiring SSL for local management; keeping your router’s firmware updated; and turning off features that weaken wireless security, such as DMZ or port forwarding.
What’s more, using VPN software like Private WiFi is critical for your online security. VPNs encrypt the information sent to and from your computer, which makes it unreadable to hackers who intercept it.