Why Your Wifi Router Security Matters and How to Fix it

Here at Insight Security we are proud to have achieved Cyber Essentials security certification, demonstrating our commitment to ensuring our own and our customer’s data is always totally secure from cyber attack. But we are very aware that many people don’t pay adequate attention to their wifi security which is why we’ve published this article on Wi-Fi Router Security.

When most of us think about online security we tend to consider our passwords, antivirus software and the need to be on the lookout for suspicious emails. But one of the most important elements of online security, both at home and in the workplace, is the Wi-Fi router. These vital pieces of equipment are often neglected and simply left alone to operate using default settings that are never changed. 

Our Wi-Fi routers are effectively the main entrance to our domestic and business internet connections. Every piece of internet connected equipment including computers, tablets, mobile phones, TVs and doorbell cameras, all use the Wi-Fi router. If criminals gain access to a router they can potentially spy on internet communications enabling them to steal vital data, redirect connections to fake and dangerous websites or use the router access to commit crimes - without your knowledge. 

Sadly, many Wi-Fi router exploits are successful, not because the hackers are very brilliant or skilled, but simply because people have left their routers in the default settings they had when first installed. 

Why Router Security is Essential

Its worth knowing exactly what our routers do for us:

• They connect our variety of devices to the public internet.
• They control the internet traffic coming in and out.
• They assign essential network addresses to our devices.
• They often act as a basic firewall.

These are all vitally important responsibilities, especially when you consider what’s being shared via these router-controlled connections. Our login details for all accounts, including banks and online stores, along with other personal and private data, is all transferred via our routers.

If a router is compromised, attackers can potentially:

• Monitor or redirect internet traffic.
• Steal login details and personal information.
• Infect network connected devices with malware.
• Expose router details to a botnet used for large cyberattacks.
• Lock you out of your own Wi-Fi network.

It should be clear that, unlike a hacked email account, a hacked router can potentially affect every device connected to it and all communications exchanged via the router. Even devices that have no screens or inbuilt security software (such as smart speakers and doorbell cameras) can be compromised. 

Router Attack Examples

Router attacks have been the root cause of many well publicised exploits. In 2016, for example, malware called Mirai scanned the internet to identify routers and smart devices that were still configured to use their default usernames and passwords. Hundreds of thousands of devices were automatically identified and infected, creating a giant botnet. This malicious network then launched massive attacks against major websites and online services while the owners of the infected devices had no idea their equipment was being used by criminals. 

And in 2018 researchers discovered a sophisticated piece of malware called VPNFilter that successfully infected hundreds of thousands of home and small business routers, across many countries. The malware was capable of spying on internet traffic, stealing login information and even permanently damaging connected devices. 

In the UK, authorities have seen serious real-world consequences from insecure routers. A 29-year-old man was arrested by the National Crime Agency after mass-hijacking broadband routers into a botnet used to disrupt services, underscoring how easily criminals can exploit vulnerabilities in consumer devices. Similarly, variants of the Mirai malware were discovered infecting TalkTalk home routers because they were left on default settings. Security warnings regarding ISP-issued routers, including alerts from Virgin Media urging hundreds of thousands of customers to change weak default passwords, show that poor router setup continues to put users at risk. Research also indicates millions of UK households have never updated their router settings or passwords, leaving them vulnerable to redirecting of traffic or data theft if attackers take advantage.

Everyday Consequences of Router Exploits

While large scale router exploits might be reported in the national press, router compromises are often linked to: 

• Bank fraud and account takeovers.
• Fake “browser warnings” and malicious website redirects.
• Slower internet caused by hidden background activity.
• Privacy invasions through hijacked cameras or microphones.

In many cases victims are totally unaware that the problems they are experiencing are caused by their compromised router and not their computer, or other Wi-Fi connected device. 

Default Settings Dangers

Most consumer Wi-Fi routers are designed for quick and easy setup. Unfortunately, this often means that hacking these routers is also easy for criminals.

Common default router weaknesses include:

• Router admin usernames like ‘admin’ and passwords like ‘admin’ or ‘password’.
• Wi‑Fi network names that disclose the router brand or internet provider.
• Out‑of‑date router software (firmware) with known vulnerabilities.
• Router configuration convenience features left enabled that expose the router to the internet.

The sophisticated software tools used by attackers relies heavily on automation. The software can automatically scan many millions of internet connections, seeking routers that have never been properly secured and are still using the default settings they had when taken out of the box. Armed with this insight, vulnerable routers can be exploited.

How to Secure Your Router

Its important to know that implementing basic but effective router security isn’t complicated or difficult. If you can setup an email account you will have no problem reconfiguring your Wi-Fi router to be far more secure. Here’s how.

Step 1: Log-in to your router

You can access your router configuration settings via a web browser. Your router may have some connection details printed on a label or in a user manual. Typically you need to enter an IP address into a web browser address bar such as these:

• 192.168.0.1
• 192.168.1.1

Log in to the router administration facility using the details printed on the router or provided by your internet service provider. If you have never logged in before, your router is almost certainly using default settings.

Step 2: Change the router admin password

The router admin account is used to configure the router. The router admin account password effectively controls who can change your router’s settings. If someone gets it, they can potentially take control of the Wi-Fi network. 

Ensuring your router admin password is secure is vital. You should choose a long password that’s entirely unique and not used for any other accounts. And always avoid using names, addresses, pet names or simple words that can potentially be ‘guessed’ by clever software. 

Step 3: Update the router software (firmware)

The router software (firmware) is basically the router’s operating system. Its important to make certain this is always up to date as cyber criminals are always on the lookout for routers using out-of-date firmware that can sometimes have known security vulnerabilities which they can exploit.

Look for the facility to update the router’s firmware or software and make certain the router is up to date with the latest release. If software updates are no longer available it may be time to replace the router.

Step 4: Secure your Wi‑Fi encryption

Wi-fi encryption scrambles data exchanged over the Wi-Fi network making it unreadable to unauthorised users. A variety of security encryption protocols have evolved and its important to make certain the best and most up to date is configured on your router. 

Use WPA3 if available. If not, use WPA2 (AES).

Step 5: Create a strong Wi‑Fi password (longer is better)

Your Wi-Fi password is needed by every device that connects to your Wi-Fi network. This is not the same as your router admin account password and you should not use the same password.

Use a long password that’s totally unique to your network and never use names, addresses, phone numbers or simple words.

Step 6: Disable WPS (Wi‑Fi Protected Setup)

WPS (Wi-Fi protected setup) is a feature that simplifies connecting devices to a secure Wi-Fi network by pressing a button, letting you bypass typing long passwords for things like printers, smart TVs, or new phones. But while WPS is meant to make connecting devices easier it has known weaknesses and vulnerabilities that can be exploited by criminals. So turn this feature off unless you absolutely need it.

Step 7: Disable remote administration

Router remote administration is the facility to access and change your router`s settings from anywhere over the internet, instead of being physically connected to its local network. This feature allows the router to be managed from anywhere on the internet but most people do not need this. Turning this capability off greatly reduces attack risk.

Step 8: Disable UPnP (if possible)

UPnP (Universal Plug and Play) on a router is a feature that automatically allows devices (like gaming consoles, smart TVs and printers) to discover each other and set up network services, including opening necessary ports through the firewall, without manual configuration. This capability is intended to enable things to work easily but it also creates potential security risks by allowing apps to open ports without explicit user permission. While this feature can be useful for gaming or streaming it is very risky if abused by malware. Disable this facility if you don’t need it. 

Step 9: Create a guest network

Many people will have allowed visitors and contractors to access their home and business Wi-Fi networks by telling them the network name and handing over the Wi-Fi connection password. This is obviously a vulnerability. Setting up a guest network, for guests and smart devices, keeps visitors and other devices completely separate from your main computers and phones. This precaution prevents a compromised device from potentially affecting every other network connected device. 

Step 10: Routinely Review Connected Devices

The router administration facility enables inspection of the devices currently connected to the Wi-Fi network. Most modern consumer grade routers can comfortably cope with 20 to 50+ connected devices. In a business or work environment it makes sense to routinely (monthly) inspect the connected devices to look out for any suspicious activity.

Router Security Advice for Businesses and Home Workers

Wi-Fi router security is especially important for small businesses and home workers. A compromised router can potentially expose:

• Company email accounts.
• Internal documents.
• Customer data.
• Remote work access systems.

At a minimum, businesses should:

• Replace consumer‑grade routers when possible.
• Separate guest and work networks.
• Regularly assess and review connected devices.
• Schedule firmware updates.

Wi-Fi routers for regular consumers tend to prioritise ease of use with features such as WPS (Wi-Fi protected setup), along with low cost. Whereas business grade routers offer superior reliability, stronger security, advanced management capability, longer lifespans, better support and scalability for many users. Businesses should endeavour to use business-grade equipment wherever possible.

Benefits of Cyber Essentials Certification

Cyber Essentials is a UK government-backed scheme helping businesses of any size protect themselves from common cyber attacks by implementing five basic security controls: firewalls, secure configuration, user access control, malware protection, and patch management. It provides certification (Cyber Essentials or Cyber Essentials Plus with an audit) to demonstrate commitment to security, reducing risks and making suppliers more trustworthy in the supply chain.

Cyber Essentials certification reduces risk by providing protection against around 80% of common cyber attacks. Certification builds trust with business partners and enables bidding on certain government contracts. And importantly, certification demonstrates to customers and stakeholders that the business takes cyber security seriously.

Insight Security is proud to have achieved Cyber Essentials certification.

Final Router Security Advice

Wi-Fi router security is recognised as one of the most commonly overlooked aspects of both personal and small-business security. People are often put off by technicalities, but dealing with basic router configuration controls is very easy. Here’s a summary reminder of the most important router security advice:

1. Change the admin password
2. Update the router firmware
3. Use WPA3 or WPA2‑AES
4. Disable WPS
5. Disable remote administration
6. Create a guest network
7. Review connected devices monthly

Making a few simple changes will dramatically reduce the risk of attacks, privacy breaches and fraud.

If you have any questions about our range of security solutions or if you have any special requirements, remember we are here to help. Give us a call on 01273 092921 and we’ll provide you with free, expert advice.

For more information on Why Your Wifi Router Security Matters and How to Fix it talk to Insight Security