Simple Measures to Ensure Greater Security for Our Router
When we talk about the security of our devices, we usually think directly about smartphones, computers, or even IoT devices. However, on many occasions, the target of cyber attackers is one step before them, going for the first vulnerable device in a network: the router.
Highlights that since the incorporation of teleworking into company policies, the intensity of cyberattacks has grown remarkably, increasing by up to 28% during 2022, exposing companies to new vulnerabilities. Cybercriminals know that most institutions and companies do not have the necessary tools, and they may take time to identify and remedy any threat with the benefit of this.
One of the most common practices among users, driven to a large extent by the lack of more excellent training in cybersecurity, is to maintain and use the basic configuration of your IPS router (distributed for free by the Internet service provider), exposing yourself not only to somewhat lower performance but also to possible security breaches. According to a study carried out by the Telecommunications Terminal Equipment Manufacturers Association (VTKE), 80% of consumers currently use these serial devices.
Beyond the change to other more specialized devices, we can take some simple measures to ensure greater security for our router, both within the work environment and for the home network.
Updating and managing administrator passwords: One of the most significant vulnerabilities in any area of the Internet is undoubtedly in passwords. In addition to some security failures (such as the repetition of these in other accounts and devices or the use of insecure combinations), on many occasions, we tend to keep the default passwords.
Some tips for creating secure passwords include combining upper and lower case letters, numbers and letters or adding special characters. On the other hand, it is advisable to avoid using the same password on different sites, in addition to avoiding exposing the password to third parties (except in using password managers).
Activate WPA2 or WPA3 encryption: Although many new IPS routers already have this type of password encryption, it is still possible to find some configured under the WEP protocol, which is currently more obsolete and vulnerable. To check if our router supports this type of security, we only have to access its configuration web menu through its default gateway by typing 192.168.0.1 or 192.168.1.1 in our browser.
Disable admin access remotely: IPS routers typically allow access to admin settings over Wi-Fi wireless connection. However, by deactivating this option, we will limit access to this control panel by a physical connection via an Ethernet cable, thus avoiding possible external threats.
Keeping the equipment connected to the network updated: whether through an automatic, scheduled or manual update, it is advisable to keep our router’s firmware updated since it is a gateway to any connected devices. Updates are often used to solve cybersecurity problems that arise with new attacks; keeping them up to date is a way to stay protected.
Configure the router’s firewall: Although many of these devices already incorporate some basic firewall capabilities within their firmware, in many cases, these functions are not enabled by default and have to be configured manually. And it is that when a firewall is enabled, all the communication data between the Internet and the home network are analyzed to protect the security of your network.
Disable WPS and UPnP connections: Famous for their ease and speed of use; unfortunately, these forms of connection have proven to be vulnerable to possible external attacks, with some serious security flaws. These functions can be easily deactivated just by accessing the configuration page of our router, generally located within the connectivity section.
Hide or change the SSID: The Service Set Identifier (or SSID) is the name and identifier of the network, usually using some specific data by default that hints at the model and manufacturer of the router. Therefore, it is also not advisable to name these networks with other personal data, such as names or locations. The fewer data cyber attackers have, the greater our security.
Shut down unused networks: Finally, one of the most prominent yet ignored steps is the disconnection of the router itself. And it is that on many occasions, we do not need to maintain an active connection 24 hours a day, being able to cut off access to it during vulnerable hours in which we cannot offer an immediate reaction to an attack. This will increase the level of cybersecurity of our device.