“15% of all tested routers were unsecured, with 7% landing in the medium to high severity range for vulnerability.” These shocking statistics stem from a 2016 test of over 12,000 U.S. home networks tested in a survey by ESET. Sadly, very little has improved since then. Modems and routers especially remain juicy targets for hackers. How can we possibly expect our computers, phones, and other devices to remain healthy if our network hub itself is compromised? Using just a web query, observe how easily knowledge can be accessed for nefarious purposes.
Need I say more? This simple search betrays the popularity and ease of cyber crime today. By applying the concepts outlined ahead, you will discover how to solidify security and privacy for your home network, from the wall out.
Three Main Principles
Three main principles are understood to govern network and hardware defense.
- Physical security
- Software and password security
- Device hardening
Let’s take a look at each of these concepts in greater detail so we can understand how to apply them to our individual situations.
Providing physical security is fairly simple– by keeping all doors and windows locked when no one is home and at night, you can eliminate most threats. Still, bear in mind to be cautious of allowing strangers near your network hub. Carpet cleaners, pest control technicians, and maintenance personnel pose just as much danger as the faceless hackers in Russia. Keep a watchful eye on anyone unfamiliar inside your abode, and ensure all work orders are scheduled when you or someone you trust can be home.
Speaking of hackers, let’s dive right into digital protection for your home network. There is a dangerous myth I must dispel; your Wi-Fi password is NOT your router password. The Wi-Fi password keeps your network safe, but it does not protect your router itself from being controlled internally. Why is this so crucial to understand? Lists of default passwords abound online, and hackers can use them to access your router from anywhere in the world. Once in control, they can view your connected devices and activity, upload malware, redirect internet traffic, or even conscript your router into a ghost botnet network. These same liabilities also exist when your hardware is not frequently updated. Ensure to register your modem and router with the manufacturer, and check at least monthly for any new updates that have been announced.
Keep in mind that passwords should be maintained securely and separated from the devices they control. Convenience and complacency only pay off until the unexpected occurs. Everyone has a smartphone these days and snapping a quick photo could jeopardize your entire network in a matter of seconds. You may already know how to access the administration panels for your modem and router either by Ethernet cable or IP address. If you have no clue where to start or simply want a refresher, please reference my follow-up post which goes in depth about the specifics of password changes.
Device hardening is the most technical of the three principles, but you don’t have to be on the Geek Squad to apply these basic configuration concepts to your network. After accessing the administration panel for the password changes, navigate around to the other settings and check each one carefully. Always change the default SSID to something impersonal and nondescript. Ensure the guest network is disabled unless you use it; if so protect it with a password. Set all Wi-Fi networks to use WPA2-AES encryption. And turn off port forwarding, uPnP, and WPS unless you have legacy devices that actually require such weaker access points. Again, if you need more specific directions, consult my detailed article on device configuration.
Become familiar with your equipment, don’t neglect reading the user manuals, and mark those firmware updates on your calendar! Remember, danger never knocks at your virtual door before striking. If you leave it unlocked, just put out a welcome mat too, because a stranger with ill intent will surely cross your threshold. Only you can ensure that tonight you will sleep a little more peacefully. We all will, because internet freedom is defended and cherished by the people, not the government or the tech giants.
Thank you for reading and I look forward to reading your comments below. In addition, if you have any questions or suggestions don’t ever hesitate to contact us via email or phone. Our Business is You!