With the rise of consumer broadband, Internet routers have made their way into just about every home and office in the United States. Whether you’re still on DSL, have a cable connection, or are enjoying the latest fiber optic feed, you have a router to link your home or office network to the Internet. And your router might just be the Achilles heel of your network security.
Consumer-grade routers are built for simplicity, a boon for the average user who may not have either the time nor the expertise to install and maintain a more sophisticated appliance. Unfortunately, ease of use often goes hand in hand with a lack of security. To help prevent unauthorized access to your home network and computers, you need to be aware of the dangers of using a consumer-grade router and how to manage them.
Outdated Firmware Can Turn Your Home Router Against You
Modern routers aren’t much different from computers. They contain micro processors, memory, and almost always run their own operating systems. A router’s operating system software is usually called “firmware,” and like the operating system on your laptop, your router’s firmware requires regular updates in order to remain secure.
Unlike your computer’s operating system, however, most home routers in use today don’t obtain and install updates automatically. Up until a few years ago, home routers simply didn’t have this functionality. And even a brand new router purchased last week might have automatic updated turned off by default.
If your router is running outdated firmware, it can leave you open to numerous attacks. For example, in 2014, a vulnerability was discovered which affected many popular models of Linksys home network routers, and lead to the spread of “TheMoon” worm.
That same year, security researchers revealed that more than 300,000 consumer-grade routers produced by D-Link, Micronet, and others had been compromised in a way which allowed hackers to capture users’ login credentials for many popular online services.
Home Routers Can Be Vulnerable to Denial-Of-Service Attacks
It seems like every week the media reports on another distributed denial-of-service attack targeting a major company. In late 2014, hackers took aim at both Sony’s PlayStation Network and Microsoft’s own gaming service. The result was days worth of down time for millions of users.
These attacks employed “botnets,” collections of hundreds or even thousands of compromised computer systems surreptitiously controlled by malicious hackers. However, a denial-of-service attack doesn’t have to be distributed in this way to cripple a consumer-grade router and take down your home or small business network.
Consumer-grade routers are notoriously vulnerable to relatively simple denial-of-service attacks which can be performed by a lone hacker using a single machine. By flooding the routers public Internet address with carefully-crafted packets (also known as a “SYN flood”), a hacker can cause your router to become so busy responding to his or her malicious requests that it can no longer handle legitimate traffic.
Even worse, the firmware found in most home routers just isn’t designed to cope with large amounts of malicious traffic. When flooded with bad requests, many of these consumer-grade routers will simply crash, leaving your network completely offline until someone resets it manually.
Your Router is Your Network’s Front-Line Security Force
In order to keep your home or small business network secure, you need to adopt the proper mindset when it comes to your router. Your router isn’t just responsible for keeping your network connected to the Internet. It’s your first line of defense against unauthorized access. If your router is vulnerable to attack, it puts your entire network and all of your other systems at risk.
The first step you should take to ensure your router’s security is to purchase a quality appliance to begin with. While the best brands and models to buy tend to change from year to year, you should plan to spend no less than $200 to $300 for a decent home or small business router, and leave the $79 “deals” on the shelf where they belong.
Next, you should ensure that the router is properly configured and installed by a qualified, security-minded network specialist. Even the most secure router can be mistakenly configured in a way which ultimately leaves your network vulnerable to attack.
Lastly, your systems administrator needs to regularly inspect your router’s firmware and ensure that it’s running the most recent version available. Even if automatic updates are turned on by default, they can still fail without warning and open the door for malicious hackers. It only takes a few minutes to check a router’s firmware version, and the effort can save you from hours or even days of downtime.
The security of your home or office network depends on the security of your router. As the link between your systems and the Internet, you need to take your router’s selection, installation, and maintenance at least as seriously as you would for the computers connected to it. If you don’t, you could be leaving your entire network open to attack.