This article is posted with permission from our partner MacPaw. MacPaw makes Mac + iOS apps that have been installed on over 30 million devices worldwide. Freelancers Union members receive 30 days of free unlimited access to CleanMyMacX and Setapp: https://www.creativelounge.club/c/macpaw/

If you work from home, you might think that you’re safe in terms of cybersecurity. But hackers believe otherwise. They hope your Wi-Fi router is vulnerable to their favorite type of attack. Their arsenal for the task is considerable. They can brute force your password, use vulnerability scanners, or even pretend to be a friend of a friend at your party. 

In this article, you’ll find out about the main threats that endanger your home Wi-Fi and how to protect from them. Read on to learn why you should check your router’s settings if you host parties at your apartment and more! 

Why your home Wi-Fi network security is so important

Public Wi-Fi networks are dangerous — that hardly surprises anyone today. Domestic Wi-Fi networks, on the other hand, are thought to be as secure as safe deposit boxes. Unfortunately, that’s not the case. 

Devices that power any Wi-Fi network, routers, are vulnerable to many attacks. They can endanger not only you but your organization's cybersecurity. With 66% of U.S. workers WFH at least sometimes, it’s evident that there are plenty of opportunities for cybercriminals. 

Disastrous data breaches are often the result of successful router hacking. The recent case of LastPass proves it. Cybercriminals got access to a home router of a LastPass’ engineer. The employee supervised the company’s infrastructure. The attackers hacked the victim’s personal laptop and installed a keylogger — a malicious script that records all keyboard inputs. After some time, cybercriminals received the master password from the password manager of the engineer. The rest, as they say, is history. 

Two critical mistakes caused the incident. First, the worker used their personal computer to access the company's internal resources. Second, they didn’t update the firmware of their router, which enabled the hack to occur. 

Why are routers so insecure? 

There is a universal truth about cybersecurity. Devices most at risk are those directly connected to the internet. That’s why cybercriminals hack routers so often. 

The vast majority of Wi-Fi routers are not adequately safeguarded. Other statistics show that 90% of routers have vulnerabilities. On this resource, you can check whether your router is easily accessible from the internet and hackable by known techniques. 

Cybercriminals can access even highly secure domestic networks by exploiting router vulnerabilities to steal confidential personal and corporate data. 

What affects router security 

If a cybercriminal is within reach of your Wi-Fi, they can try to brute force your password or research the router model vulnerabilities. If they are out of the range of your home network, they’ll have nothing to hack.

The wireless network signal range and strength directly influence the router’s predisposition to be hacked. You can make it more difficult for the intruder by limiting it. After you restrict your home Wi-Fi range to only your apartment, your neighborhood hacker would have to walk the extra mile to succeed. 

Of course, attackers can use special Wi-Fi range extenders, but you'll be okay with a reduced network range in most cases. 

Threat #1. Passwords

There’s another universal truth of cybersecurity: a vulnerability to be exploited is the one that’s exploited most easily. That’s why brute forcing a Wi-Fi network as well as a router admin panel password is one of the most common attacks. If a cybercriminal has access to your Wi-Fi, they will try to hack your admin panel password. Then they’ll open ports to access your router from anywhere. 

Almost all routers have the same passwords to access their admin panels. Most users don’t even change them. It’s a piece of cake for an attacker to google your router's default password. Another security gap is unreliable network encryption. This means that network encryption can be easily decrypted.

If a hacker gains control over your router’s admin panel, they can see what you do online and redirect you to malicious websites. Later, they can infect your computer and phone with spyware. Last, the device itself can be used for DDoS attacks. 

How to protect from this threat 

Use strong (and different) passwords on your Wi-Fi network and your router’s admin panel. Your password should be longer than 8 symbols and contain upper and lower case letters, numbers, and special characters. Try to change your passwords at least once every three months and use a password manager (but not LastPass, I guess). It is also beneficial to make sure your network uses reliable encryption. 

Threat #2. Vulnerability Scanners

Let’s say the hacker has guessed your password or joined your Wi-Fi in another way. The first thing they’ll do is scan your local network with special vulnerability scanners. These programs show what devices are connected to Wi-Fi and their vulnerabilities. 

The good news is that your computer isn’t that easy to hack. But your other smart devices are. Smart TV sets, Wi-Fi LED bulbs, and other IoT gadgets are the most common gateways for cybercriminals into your data. For example, a threat actor can see you have a robot vacuum. They can look up the model's weak spots on the internet, hack it, and then reach your laptop or phone. 

If a hacker succeeds in hacking your router, they can redirect you to malicious websites. This way, an attacker can steal your online banking passwords and credit card numbers.

How to protect from this threat 

Set up your Wi-Fi range so only people in your apartment can use it. Sign in to your router’s admin panel and block all devices you don’t recognize. Last, use a trusted VPN. 

Activating a VPN should be your daily habit because this tool is helpful for various reasons. It’ll hide your actual IP address and encrypt your traffic, and the attacker won’t be able to intercept your internet data. 

A VPN lets you secure your browsing, connect to other countries, and bypass geo-blocking. If you’re unsure what VPN to use, I recommend you try ClearVPN. It’s an intuitive, easy-to-use VPN solution with a gorgeous design. Crafted by MacPaw, ClearVPN is a trusted and secure VPN app available for Mac, Android, Windows, and Mac. 

Threat #3. Port Security

Let’s talk about port security. Imagine you’re hosting a party. Your house is full of people. Some friends of yours have brought their friends you see for the first time. It sounds paranoid to suspect that someone might be a cyber criminal in disguise, and the possibility of this is low — but not zero. 

A hacker might simply plug their cable into your router and connect their device to your network without entering a password. After that, they can open the router to the internet to not lose access after they leave your apartment. With the ability to control your router from anywhere in the world, the hacker can simply repeat the steps described in Threat #1. 

How to protect from this threat 

First, think twice about where to put your router. The best place for it is somewhere hidden from prying eyes. It could be a drawer or an empty shoe box — somewhere you’d not think to look into if you were a guest at someone’s party. Second, configure your port security. Log in to your router’s admin panel and create a list of devices you trust. Also, make it so unknown devices can’t connect to your router by wire.

Threat #4. Software & Hardware Vulnerabilities

There are two types of weak spots for routers: software and hardware. 

Some hardware vulnerabilities might be caused by incorrect hardware design of the device. Many manufacturers want to make their products more affordable. This comes at a price: they might neglect some crucial parts or use cheaper alternatives. Therefore, if you want a secure router, the cheapest option on the market is a no-go. 

There is an abundance of software vulnerabilities because they are simpler to find. Usually, such vulnerabilities are caused by the lack of security audits (the manufacturer doesn’t check its gadgets for how protected they are). One more possibility is that the way the router manages its memory (RAM) is inefficient. 

How to protect from this threat 

Update your router regularly: You can do this in the admin panel. Also, purchase routers from brands you know and trust. As I’ve said, the cheapest router isn’t worth it. It will not do you any good, even if it’s not hacked: your internet speeds might be slower with it, and who enjoys that? 

How to check whether your router is hacked 

Hosted too many cocktail parties, had a router visible to everyone, and used “1111” for its admin panel password? It’s a smart idea to check your router's integrity. There are four red flags for you to notice that might hint that your router has been hacked. 

🚩 Slow internet speed 

If your internet is as slow as a sloth, it may be because someone else uses it too. Your router can be infected and used as a part of a botnet network for mass DDoS attacks.

🚩 Weird DNS settings 

Check your router’s DNS settings in the admin panel. If they aren’t the most popular or those provided by your ISP, it might be because someone changed them to malicious ones that steal your data. In that case, change your DNS manually and choose a reliable provider, e.g., Google.

🚩 Admin panel changes you don’t remember making 

It doesn’t hurt to go into your router’s admin panel occasionally. If someone else has been there too, you might notice weird changes like a new password or opened ports. 

🚩 Devices you don’t recognize

Open the admin panel and check who’s connected to your Wi-Fi network. You can usually see the name, the model, and the manufacturer of all devices. If you see a Windows PC connected to your network while you own a Mac, block that device immediately.  

Recap

Your router can have software and hardware vulnerabilities. Cybercriminals can exploit them to steal your data, infect your working device, and spy on each step of yours on the internet. As a result of a successful hack, your company data can be revealed in a data breach. 

You can protect your Wi-Fi from attackers by following simple rules. First, get a router from a trusted brand, update it regularly, and set up strong passwords for both the network and its admin panel. Second, ensure it’s hidden from prying eyes: limit its range and place it where a cybercriminal wouldn’t be looking. Last, learn how to use the router’s admin panel and check connected devices and DNS settings occasionally. Good luck!