Or, at least, not beyond the initial purchase of the router device.

In a recent analysis of 127 routers from seven major manufacturers, IT security analyst Peter Weidenbach found nearly all of them to have security flaws, some severe. He found everything from missing security updates to easily decrypted, hard-coded passwords and known vulnerabilities that should have been patched over the years.

Home router manufacturers don’t go beyond having the latest version of firmware available after the initial set-up.

Most of the home routers tested were built on the Linux operating system, and the majority of these vulnerabilities are traced back to this underlying operating system. The problem is not with Linux, as they work continuously to close security vulnerabilities. Yet many home router manufacturers install older versions of Linux that have not been maintained for years. And, the router manufacturers are not providing updates with the newer, more secure, versions of Linux. Therefore, many home users are stuck with outdated firmware with many public vulnerabilities and exposures.

Router manufacturer “AVM attaches more importance to security issues than the other providers, even though AVM routers are not without their own security flaws”, Weidenbach wrote. Unfortunately, AVM routers are generally unavailable in the USA. Weidenbach also said that in some respects ASUS and Netgear routers were more secure than D-Link, Linksys, TP-Link and Zyxel.

The good news? There are some things that end users can do. 

To protect yourself, you should ensure that your router has the latest version of the firmware from the manufacturer and is configured securely at the time of set-up. This is about more than just enabling Wi-Fi encryption and not hosting an open Wi-Fi network, both of which are important. Modern routers often offer automatic updates, and you’ll want to leave this option enabled — or enable it if it isn’t already. Depending on your router, you may have to do this by hand or set up automatic updates through the router’s web interface.

To protect yourself, you should ensure that your router has the latest version of the firmware from the manufacturer and is configured securely at the time of set-up. This is about more than just enabling Wi-Fi encryption and not hosting an open Wi-Fi network, both of which are important. Modern routers often offer automatic updates, and you’ll want to leave this option enabled — or enable it if it isn’t already. Depending on your router, you may have to do this by hand or set up automatic updates through the router’s web interface. 

If your router offers a remote access feature allowing you to access the web interface to your router from anywhere in the world, disable this feature. Some routers have back doors that allow bad actors to log in without credentials. By disabling this feature, you’ll be blocking anyone’s remote access. To check the current setting of this access, open your router’s web interface and look for the “Remote Access,” “Remote Administration,” or “Remote Management” feature.

Concerned about security of your router? Call us today 925.827.1200

And, of course, there is the obvious bit of security advice: change the default login credentials. When you set up your home router, typically the manufacturer provides a simple password like “admin”, “system” or, oh-my-the-worst, “password”. Change the router’s password to a non-default password that an attacker cannot easily guess. Some routers even allow you to change the username you use to log into your router.

And last, but not least, set the router to use WPA2, not the weaker WEP encryption. 

We at Cantrell’s Computer Sales & Service can help you with selecting and securing your router. We use our remote diagnostic capabilities to check the level of your router’s security. We can also discuss options and provide additional layers of security to dramatically improve the protection of your home and remote business networks based on your unique needs. Calling 925.827.1200 for details or emailing sales@crsfbay.com will get the process started.

As a last note, many Internet service providers (ISP) are now giving their customers combined devices that function as both a modem and a wireless router. While separate routers can be more powerful, configurable, and feature-filled, that isn’t necessarily a good thing for everyone. 

With ISPs providing the modem/wireless router device combos, there’s a good chance your router is set to receive automatic firmware updates. For example, if you have a current Comcast Xfinity router, there’s no way to upgrade it yourself. On the positive side, this means your router will update automatically, and you won’t need to do anything about this yourself.

With all the work-from-home activity, router security has never been more important. Call Cantrell’s Computer Sales & Service at 925.827.1200 immediately for a remote examination of your router’s security.