A customer asked me this recently. She noticed a new unidentified device connected to the router at her house and was quite concerned that she was being hacked. Impressed that she was so clever, I remotely connected and checked the router.
Lucky her, we identified an old booster that had been plugged back into the wall at some point but was not really in use. With so many new devices connected to the internet now, like smart thermostats, lighting systems, remote door security, and cameras, you often cannot tell which device is which based on the name displayed in the router. These names often are unique manufacturer IDs based on the model and specific item. These devices have security holes of their own but should be protected from outside hackers as long as they are behind the router, in theory.
However, in May 2018, the FBI announced that Russian hackers named Sofacy or Fancy Bear hacked thousands of store-bought routers, mostly in Ukraine. The FBI noted that it was difficult to determine if your router was hacked.
On the outside of your home, hackers use "port scanners" to check for open ports (or entrances) that allow them to connect. If remote administration is turned on in the router settings, which is not on by default, then the firmware can be exchanged for a malicious one that allows the hacker to control your router. While this is scary, this is unlikely to be the case for new routers created after 2018. You can easily replace an older router and instantly increase your security. We definitely recommend it.
In addition, if any firmware updates are available on the router's main screen, update the firmware immediately. These updates are almost always security updates. However, understand that Comcast and Centurylink routers give you fewer management options and are proprietary. So if you are looking for the settings described above, then you might not find them. If you don't buy your own, you may be stuck with their router, monthly payments, and possibly less security. You can always reach out to the company, though, and ask them to help ensure everything is secure.
Third, if you have a default user name called "Admin" and a default password called "password," anyone who knows your wireless password and is connected to the router can log in as "Admin" and change things, including the password. The easiest thing to do is try to log in with the user name and password listed in the documentation and change the password, which might prompt you to do.
These 3 things make your router secure:
For increased security and slower loading of web pages, you could set up a VPN. Virtual Private Networks are often required to work from home in order to encrypt the connection so a middleman cannot sneak a peek and possibly use your information to hack the corporation. But there is a point of overkill, and VPNs slow down opening up a website or checking your online Gmail. Setting them up is also more involved. Instead, I use a password manager and 2FA, or two-factor authentication for my passwords. I don't care if some hacker can access my thermostat or lights so much as their ability to steal my identity.
If someone uses a dictionary attack to guess the password, short passwords might only take an hour or two to hack. Malware installed on your computer can potentially send your typed passwords or stored passwords to some hacker directly. Or these passwords could be obtained from a business you visit (hello, Target!). To avoid reusing passwords on different sites, you can use a password manager such as Bitwarden, OnePassword, Lastpass, or Dashlane. They can offer completely unreadable, long passwords and store them for you. This means that you do not have to remember the password because they will remember it for you.
2FA increases security by using a second device beyond a password that no computer can hack. It can be painful to use, especially for every Amazon or Paypal purchase, but no hacker can use both your password and your phone unless that particular hacker has stolen your phone. Note that most hackers are not local to you at all. Each website with a stored credit card is slowly adding 2FA. You can either set it up with a code sent to your smartphone or use an authenticator like LastPass, Authy, or Google Authenticator. Why use an app on the phone? Codes sent through email are not secure if the email password is stolen. Codes sent via text sometimes take a while to arrive. The authenticator is instantaneous, which is what we highly recommend to anyone and everyone.
Long story short, ask yourself if the router secure, then what am I worried about? Or am I apprehensive about my passwords or identity being stolen?
If you have any questions or want help checking your security, reach out and let us help you!
As a managed services provider, our primary job is to be proactive. We monitor, backup, update, and protect.
We love taking care of our clients, and can help you take care of yours, too! QuickFix offers a robust reseller program!
76% of all malware attacks happen through Email. Not only is our email safe, but it’ll also be your work-horse.
We keep workstations running quickly and safely so that you and your team can focus on working instead of fixing.
Having a reliable, fast, secure network is like having a safe, fast, and secure ambulance. There should never be another way.
Our in-house web team provides white glove web maintenance, construction, and design.