The Technology Headlines

"Harmless" Home Router or Biggest Cyber Risk?

"Harmless" Home Router or Biggest Cyber Risk?

Igor Rabinovich,

Life goal: control your IoT and smart home devices simply by connecting them and enjoy the access to your home network.

Beware, though.

Most routers provided by your ISP have at least two security vulnerabilities – password-related, security protocols, and more. Those home routers, with little or no security, are one of hackers’ favorite targets.

Remember, it’s the router that connects your smart home automation devices to each other and the web. If it’s compromised, it’ll function as a swinging door that allows access to hackers into any and every piece of your home network – including your PCs, which contain access to your bank accounts, emails, etc.

If you keep all your devices’ security apps up to date, but neglect to check the router, the first line of defense, it’s time to change habits.

Your home router is only as secure as the operating system that runs it, in other words, its firmware. So, put down whatever you’re doing and check if your router meets the following security criteria:

One, default password: if you haven’t yet, change it - now.

Perhaps your router STILL has a default password because you couldn’t be bothered to change it. Of course, you shouldn’t be surprised that hackers know this key to access your router and admin dashboard, Wi-Fi networks, etc. Why there are even default passwords is a complete mystery.

To prevent security vulnerabilities, something must be done to prevent users from doing anything unless and until you change the password. This hasn’t been implemented yet, though.

Two, Wi-Fi Protected Setup or WPS: disable it.

Many routers support WPS, a feature that increases your wireless network’s vulnerability to attacks because it allows users to connect devices to the router using only a PIN, without requiring a network password. You read that right: no password required. If your router has WPS, the best way to avoid the inevitable attacks is to kill it: Use your router’s disable WPS option if available or at least render inoperative the PIN-based authentication option.

Three, Universal Plug and Play or UPnP: turn it off.

UPnP allows IoT devices to easily establish connections to other devices. Unfortunately, instead of working only within your home network, UPnP also enables devices outside your home to come into your network, making it easier for hackers to perpetrate their dastardly deeds. Imagine locking your door but keeping your windows open.

Be sure to turn off your UPnP. The problem is that even if the router ignores all requests for access from other devices, it also cuts off incoming remote access.

Get smart with your smart home security.

No, you don’t have to get another router, but you can get a technology - an instant, plug-in wireless intrusion and detection dedicated  appliance connected to a LAN port on your home router. Using threat intelligence, behavioral analysis, and machine learning but without slowing the connection, the solution will scan the home network and immediately shut down any infected IoT device if it detects a security threat. Moreover, it will instantly notify the homeowner with a detailed report of the incident and provide on-call security experts available 24/7 who can remotely and immediately restore the home network security.

Remember, enterprises pay millions of dollars per year to have this level of protection for full-time security specialists and the related security hardware to protect against security vulnerabilities.

Igor Rabinovich is CEO and founder of Akita. Akita provides “Smart Home Security as a Service” for consumers and MSSPs, using military-grade security protection to prevent botnets, DNS spoofing , cryptojacking, and other IoT-based attacks against home IoT devices and their connected networks.