The internet router/modem is a key piece of kit because it is the last stop where the internet arrives before it reaches your other devices. Basically, all internet traffic (data packets) travels in and out of an internet router/modem, and whether it is an industrial or a home Wi-Fi device, the way they work is more or less the same. The term router can also be confusing, especially as it is sometimes used interchangeably with modem. The two devices are not the same: a router receives an internet connection and has Ethernet ports that can connect to other devices. Routers are often used by small businesses, and for cloud computing purposes, where they can split the internet connection among more devices via a LAN (Local Area Network). Technically, a device like a laptop or a smartphone cannot receive an internet connection before it is decoded by a modem. A modem (a compounded form of modulator-demodulator) receives the WAN (Wide Area Network) signal from the municipal switching box and converts it into an internet connection your devices can use. Today, however, the internet routers/modems offered by ISPs (or those that you can purchase yourself), like Cisco’s or Netgear’s models, are modem/router all-in-one combos, designed that way to accommodate more devices (like modern-day Smart TVs, smart home equipment, etc.).
Since routers/modems are the pit stop between the municipal switching box outside your home and your personal devices, is it not peculiar, then, that the security of these devices is often overlooked? The problem is that hackers can easily get into routers, simply because most people have never accessed their router/modem to change the default manufacturer password. Some go years without doing this, let alone updating the router/modem firmware and/or software. Shockingly, default passwords can easily be looked up online for each specific router/modem brand. All you need to do is look up how to access the router by entering its IP address in your web browser; this is usually something like 192.168.1.1 or 192.168.0.1. Once there, the default credentials are usually:
● Username: Username, Password: Password
● Username: 12345, Password: 12345
● Username: admin, Password: admin
In some cases, the username and password are blank, so on the router/modem’s configuration page it is sufficient to simply leave the fields empty and hit enter or the log in button. Is it not frightening how simple that is, especially given that, once in, one can change all the most fundamental settings of the router/modem, e.g. open ports, adjust security protocols and change the access settings? Now imagine your router was accessed by a hacker with these simple techniques: he or she would have the ability to compromise all of your connected devices as well as your entire network.
What Can Happen if a Router is Compromised?
When router/modem security is compromised by ill-intentioned individuals like black hat hackers, nothing good can come out of it. Some examples of the consequences of router/modem compromise are as follows:
● The August 2021 T-Mobile incident, in which an unprotected router was compromised, led to the theft of 50 million personal records stored on T-Mobile’s servers. The 21-year-old hacker gained access to phone numbers, social security numbers, and dates of birth. T-Mobile customers reported receiving fraudulent debit card charges as well as spam via text messages and strange calls.
● The 2018 attack on MikroTik routers/modems, in which hackers were spying on unsecured routers, led to the internet traffic of thousands of MikroTik users being forwarded to the hackers.
● CyberArk security researcher Ido Hoorvitch’s hacking experiment allowed him to breach thousands of home routers with basic WPA protocols in Tel Aviv, Israel by using a revolutionary hack tool.
There are countless examples of real-world router/modem breach scenarios, and none of the consequences were trivial in the least. Whenever a router/modem’s security is not up to scratch, that leaves the network vulnerable to man-in-the-middle attacks, packet sniffing, DNS hijacks that lead the user to phishing pages, malware injection, being pulled into a botnet, and IoT spying.
How to Secure Your Router
Firstly, remember that not all routers/modems are equal. To that end, what you may not know is that you should buy yourself a good router/modem. Seasoned cybersecurity experts have confirmed that the routers/modems the ISP (your Internet Service Provider) sends out are never the most secure choice because they can be compromised or contain code that allows them to snoop on your activities. Apart from that initial issue, here is a list of what you need to pay attention to:
● After you log in to your router/modem configuration page, set a randomized password that is at least 10 characters long. The more characters, the better the security
● Disable any WPS and UPnP features if you do not explicitly require them
● Upgrade your router/modem’s security protocol to WPA2 at a minimum, although WPA3 is better if it is available for you
● Protect yourself from packet-sniffing by keeping your firewall enabled
● Use an SSL or TLS encrypted email program
● Only browse websites that contain an HTTPS prefix in the URL address bar
● Use a VPN or Virtual Private Network while connected to the internet
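The router-side items of the checklist above, expressed as an automated check. This is an added example, not part of the original article: it audits a settings snapshot against the article's points and generates a randomized admin password. The setting key names and both sample snapshots are constructed for illustration and do not match any vendor's export format.

```python
import secrets
import string

# Default username/password pairs listed in the article ("" = blank field).
DEFAULT_LOGINS = {("Username", "Password"), ("12345", "12345"),
                  ("admin", "admin"), ("", "")}
# Ordered weakest to strongest; the article asks for WPA2 at a minimum.
WIFI_MODES = ["open", "WEP", "WPA", "WPA2", "WPA3"]
MIN_PASSWORD_LEN = 10  # the article's minimum length


def new_admin_password(length=20):
    """Randomized password drawn from a CSPRNG (secrets, not random)."""
    alphabet = string.ascii_letters + string.digits + "-_.!@#%"
    return "".join(secrets.choice(alphabet) for _ in range(length))


def audit(settings):
    """Findings for one settings snapshot; the key names are hypothetical."""
    findings = []
    user, pw = settings.get("admin_user", ""), settings.get("admin_password", "")
    if (user, pw) in DEFAULT_LOGINS:
        findings.append("admin login is a well-known default")
    elif len(pw) < MIN_PASSWORD_LEN:
        findings.append(f"admin password shorter than {MIN_PASSWORD_LEN} characters")
    for feature in ("wps", "upnp"):
        # A missing key is treated as enabled: unknown is not the same as off.
        if settings.get(f"{feature}_enabled", True):
            findings.append(f"{feature.upper()} is enabled")
    mode = settings.get("wifi_security", "open")
    if mode not in WIFI_MODES or WIFI_MODES.index(mode) < WIFI_MODES.index("WPA2"):
        findings.append(f"Wi-Fi security '{mode}' is below WPA2")
    if not settings.get("firewall_enabled", False):
        findings.append("firewall is disabled")
    return findings


# Constructed sample snapshots: factory state vs. hardened per the checklist.
FACTORY = {"admin_user": "admin", "admin_password": "admin", "wps_enabled": True,
           "upnp_enabled": True, "wifi_security": "WPA", "firewall_enabled": False}
HARDENED = {"admin_user": "admin", "admin_password": new_admin_password(),
            "wps_enabled": False, "upnp_enabled": False,
            "wifi_security": "WPA3", "firewall_enabled": True}

if __name__ == "__main__":
    for name, snap in (("factory", FACTORY), ("hardened", HARDENED)):
        print(name, audit(snap) or "no findings")
```

A snapshot with missing keys is reported as if the risky feature were on, so an incomplete export cannot pass the audit by omission.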
The above tips are sufficient for a good level of anonymity and security in terms of home users. In enterprise scenarios, the dedicated IT security department should understand the value of holding confidential customer and financial data and apply industry best practices.