It was recently discovered that millions of ADSL routers were hacked in Brazil to create a large botnet chain. This is an unprecedented move that goes to show that not even our routers are safe from attackers. Many homes and offices use Wi-Fi routers for web access today so it is important to understand the need to keep these devices protected.
Unfortunately, attackers have now come up with innovative methods to infect a router. A compromised router is dangerous because an attacker can direct a victim to fake pages that derive information and convince him to install malicious programs. Moreover, such pages can also contain drive-by downloads or malicious Java applets that can infect a system. Advanced attackers can even make use of spyware and other tools to record keyboard strokes, real-time videos through the webcam, audio recordings through the microphone and other data.
What makes a router vulnerable?
These nefarious incidents occur when an infected router leads to a malicious DNS server. Routers that are vulnerable to such attacks can be remotely accessed from the web and then programmed to direct machines to fake websites.
The primary cause of this vulnerability is that a majority of users do not change the default username and password for routers that they own. They simply use the default entries provided by a manufacturer instead. This username and password is required to access the configuration of the router and it can only be accessed by visiting a unique IP address that the manufacturer provides.
Moreover, security patches and fixes for router vulnerabilities are released very rarely. So if there is a vulnerability present, it takes a long time to resolve. Most users are also unaware about the need to update the firmware in their routers and this prolongs the time period for which a router can be exploited.
Steps to ensure router safety
The following steps need to be adhered to in order to prevent a router from getting hacked:
- The default password provided by the manufacturer must be changed. The way to implement this can be learned from the router user manual or a Google search or a call to the support team.
- If a firmware update for the router is available, it should be installed immediately.
- If a router has a hardware firewall, it should be implemented. This Internet firewall protection can be enabled from the router settings configuration page.
- The WAN ping feature from the configuration page should be disabled. This feature allows hackers to check if a WAN IP address is valid.
- Security encryption like WPA2 or WPA (Wi-Fi Protected Access) must be enabled. This ensures that no party can access a WiFi connection and router without the password.
The best system protection software is essential for complete computer security, but there are certain manual steps that need to be taken as well. Attackers can only infect routers and machines if there is some form of vulnerability for them to exploit and such vulnerabilities can only be found on unpatched machines. It is strongly recommended that you upgrade to Quick Heal 2013 for protection against the latest malware threats and attack methods exploited by attackers.