On many occasions, the target of cyber attackers is one step before them, going for the first vulnerable device in a network: the router. Many users, mainly due to ignorance, choose to keep the basic configuration of the router provided by the service provider (ISP). They install, connect… and navigate without further worries.
In fact, according to a study carried out by the Association of Telecommunications Terminal Equipment Manufacturers (VTKE), currently the 80% of consumers in Spain use these serial devices. This is clearly a mistake, since they are exposed to possible security breaches if a series of additional measures are not taken.
Protect your network in 8 steps
To try to shield your router as the first gateway for those responsible for a computer attack, we can implement a series of measures that Check Point Software Technologiesa leading provider of cybersecurity solutions worldwide, for our router, both within the work environment and for the home network.
First, they recommend update and manage administrator passwords. We know of the problem that there is worldwide with leaving passwords by default and this also applies to routers. Like any other device, create strong and unique passwords (don’t use them across multiple products or services) that combine upper and lower case letters, numbers and letters, and some special characters.
Another recommendation is to activate a higher security encryption: WPA2 or WPA3. Although the operator’s routers already have this type of encryption on many occasions, some cheap ones still work under the WEP protocol, which is obsolete and vulnerable. If our router does not support this type of more advanced security, perhaps you should upgrade your router to a better one.
don’t forget about disable admin access remotely, since normally the routers of the operator allow access to the administrator configuration also through the wireless connection by WiFi. By deactivating this option, we will limit access to this control panel through a physical connection via an Ethernet cable, avoiding intrusions by people outside the home that pose external threats.
As we have already recommended on other occasions, it is key to keep network equipment updated. Different firmware updates they also add new security patches. Keeping our router up to date can help us prevent many unpleasantness.
Although many models already integrate firewall in the firmware, in many cases these functions are not enabled by default, having to configure them manually. In this way, with the router firewall enabledall communication data between the Internet and the home network is analyzed to protect the security of your network.
Another tip is disable WPS and UPnP connections. Although they are two popular forms of connection due to their ease and speed of use, unfortunately these forms of connection have proven to be vulnerable to possible external attacks, with some serious security flaws.
Although it may seem harmless, the SSID, the name that identifies our network, can provide data that gives clues about the model and manufacturer of the router and can make things easier for cybercriminals. Hide or change the SSID it can help that, the less data cyber attackers have, the greater our security.
Finally, the recommendation is not having the connection active 24 hoursone of the most obvious steps and at the same time ignored since on many occasions we do not need to maintain an active connection 24 hours a day, being able to cut access to it during vulnerable hours in which we cannot offer an immediate reaction to a stroke.