Menu
Blog.

#CyberSecMonth Blog 3 – Home Networks

Published On: 18th October 2018

Recently there has been a lot of press regarding the security of home or small office routers. Cisco Talos has warned that 500,000 devices including storage devices have been hacked across 54 countries in a suspected state nation targeted attack. The vulnerability is known as VPNFilter and affects router brands like Linksys, MikroTik, NETGEAR and TP-Link as well as QNAP network-attached storage (NAS). You may not have one of these brands, but home routers by their very nature are vulnerable due to their connection to the internet as well as locally through their wireless connectivity. This blog is an attempt to provide you with some basic home router and internet connected device security hygiene, but first let’s discuss why…

In the past, a number of router brands have been found to have a hidden backdoor… a technical term for accessing a router by bypassing encryption or authentication via a default port. Backdoors provide a way for the manufacturer or vendor of the device to access it for maintenance reasons, but through poor security design practices they can all end up with the same hard coded password. If this password is obtained by malicious actors, then all the models for that manufacturer immediately become vulnerable to attack.

Routers control the network, if someone has administrative access to a router, they can potentially see all the network traffic which goes via the router. Some of your network traffic is encrypted, which means all an attacker will see is gibberish, but there will be a lot of your network traffic which may not be encrypted, and this information will be in plain text, which of course can be easily read.

However, what is worse is that once someone has control of the network, they can direct your internet traffic to wherever they like. A malicious attacker can direct you to a page which may look like Amazon, but it’s controlled by them, so when you go to order something, you are giving the attacker your password to Amazon, your address, contact information, credit card etc. If you also use that same password for other sites, the attacker may try to gain access to these sites too (look back to my second blog about using strong passwords!).

Hacked routers can also end up being part of a botnet, which happened to some owners of D-Link and Huawei routers that became part of the Satori botnet which infected more than 280,000 internet addresses in under 12 hours of initiation. Internet of Things (IoT) devices are increasing in our homes, kettles (I’m not sure why these need to be on the internet), central heating systems, lights, doorbells, fitness devices etc. and it’s estimated that by 2020 there will 31 billion IoT devices connected worldwide. Some of the rules for securing routers can also be applied to IoT devices, but it’s wise to check its security before purchasing the latest IoT gadget. You can have a very secure network which becomes worthless after installing a vulnerable IoT device, which happened to a casino who installed an insecure IoT thermometer into a fish tank which was hacked and used to gain access to the casinos gambling database.

But there are things you can do reduce the risk to your home network, however I now hear cries of “but I’m not technical” and “I don’t know the first thing about routers or networking!” If you are not comfortable making these changes, I recommend calling upon the ‘expert’ in the family and get them to make these changes for you. If you are the ‘expert’ also, check on your family relations and friends routers; they may not be as technical and could do with the help and advice.

You will need administrator access to your router:

1)      Change the SSID so it is not instantly recognisable what manufacturer of router you have. The Service Set Identifier (SSID) is the name you search for when looking for Wi-Fi networks… SKY-4HSJT or BTHub6-ABCD-5 as examples, which instantly gives away what provider you are using.

2)      Change the default user name (if possible) and password of the administrator account for your router. As you rarely use this account, make the password very long and complex.

3)      Change the password used to connect to wireless, again use your password manager and make it a long and strong password. It will be a pain when you add a new device as it will feel like it’s taking forever to put the password in (especially with a tv remote), but you don’t have to do that very often, so the awkwardness is worth it.

4)      WPA2 AES or better (WPA3) should be the default authentication method for modern routers. If you know someone with an older router, check that it is not using WEP, as it is insecure and should never be used.

5)      Most routers have built in firewalls, but double check the model with the manufacturer to ensure yours has. If any of your devices have built in firewalls, make sure they are enabled.

6)      Check that remote access is in a disabled state.

7)      Disable universal plug and play UPnP (you may need to temporarily turn it back on for new gadgets but turn it off again afterwards).

8)      Check your router manufacturer for firmware updates, ISP’s (Internet Service Providers), like BT (plus others) automatically update the firmware but check regularly to make sure it’s up to date according to the provider or manufacturers website.

BBC Panorama How We Hacked The House

https://www.infosecurity-magazine.com/news/gpon-home-routers-are-over-themoon/

VPNFilter – is a malware timebomb lurking on your router?

https://www.cnbc.com/2018/05/23/cisco-warns-500000-routers-hacked-in-suspected-russian-attack.html

https://www.telegraph.co.uk/technology/2018/04/24/broadband-flaw-left-400000-brits-open-hacking/

https://blog.talosintelligence.com/2018/05/VPNFilter.html

http://www.bbc.co.uk/news/technology-43788338

https://heimdalsecurity.com/blog/home-wireless-network-security/

https://krebsonsecurity.com/2018/01/some-basic-rules-for-securing-your-iot-stuff/

Article Author.

Jennie Cleal

Senior Consultant - Information Security
Jennie is a focused, strategic leader with a proven ability to encourage and motivate others. She has excellent people skills... Read More From Jennie Cleal

Our Latest Insights.

Our work means different things to different clients and we wanted to share some details of the projects we have managed to give you an insight into our capabilities and the impact we have delivered as a business.

 

View All Insights

Say Hi.

Did you like what you read? Did you want to find out more about the subject? Or did you simply want to get in touch with us? Either way if you would like to get in touch with us you can do so using the form on the right.

Every now and then, Gemserv would like to send you information about our products and services that are relevant to you. By submitting your details lets us know that you’re OK with this and that you also agree to our privacy policy. You can, of course, opt out of these communications at any time!

Get In Touch

Want to find out more?

Follow the links below find out more about the services we provide, our insight into the industries we serve or the opportunities available with us.
Services Our Insights Careers