Routers are a key source of data transfer in the home. Computers, laptops, tablets, and phones all use routers to transmit data to websites around the world. This, naturally, makes them a valuable target for hackers looking to steal information.
Here are some ways hackers can use home routers for their own use.
1. Conscripting Them into Botnets
ZDNet reported how hackers would infect home routers with botnet malware, which would then be used in DDoS attacks against web servers. Infected users may not have even realized that their routers were being used in digital attacks.
The botnet case was a strange one, as the fix was very simple: just restart the router. However, the majority of people never touch their routers unless there’s a connection problem, which meant the malware wasn’t flushed out for a long time.
How to Beat It
If you’re worried about your router being conscripted into a botnet, be sure to update your router’s firmware often. You may need to take a look at your router’s manual to learn how to do this. Similarly, give it a power cycle every so often to make sure nothing is lurking within.
2. Performing Unauthorized Access and Usage
Due to how a router is the central data hub for the home, they make a prime target for hackers. As such, if they manage to gain access to your router, they may be able to spy on or steal the data as it goes through. If you have IoT devices or networked hard drives connected to the network, they can access them if you haven’t set up proper passwords.
This one, while it seems scary, is less likely to happen due to the circumstances of how the hacker accesses the router. Ideally, the hacker will need to be in Wi-Fi range of your router, meaning they have to be pretty close.
This is not a concern if you live in a rural area; however, if you’re living in a city or an apartment complex (or both!), you’ve probably already noticed the array of routers your computer can pick up from your own home.
How to Beat It
If you live in a populated area, properly secure your devices. A lot of modern-day routers have forsaken the old standard of making both the username and password “admin” by default, but it’s worth double-checking to see if your router’s password is up to scratch.
It’s also worth checking if your router’s firmware is updated. If it’s not, hackers may be able to get into the router without any username or password!
3. Altering Data that Passes Through
If a hacker doesn’t want to access the router or use it for their own needs, they can instead make it direct users to phony websites. This is called DNS poisoning or DNS spoofing, and it involves changing the DNS cache of a router to send people to the wrong website.
A DNS cache is like a phone book for the Internet; it stores the name and IP address of all the sites you previously visited. DNS poisoning works by sneaking into this phone book and changing out an IP address with a phony one. For example, a hacker could change the Amazon.com entry in the DNS cache to redirect away from the real Amazon and to a fake website designed to look like the real deal.
How to Beat It
As you use the Net, keep a close eye on where you’re entering your details. Typically, websites that ask for login details use the HTTPS certificate to encrypt your login detail. A fake site won’t have this layer of protection, which is a telltale sign should the user be attentive enough. If you find your router is redirecting you to a bad site, try changing the router DNS.
Routers have become a central hub for our homes in the modern era, which makes them prime targets for hackers looking to glean information from victims. Thankfully, there are ways to keep safe from router-based attacks.
When was the last time you restarted your router? Has it been a while? Let us know below.