So, you have high-speed internet at your small office or home - Woohoo!
But….did you follow the “Easy to Install, Plug and Play” instructions that came with your router? If you did, and are still using the out-of-the-box login and PW, this is your first necessary step to fixing the huge security flaw in your wi-fi network. Change your login and password right now!!! The internet knows your password! There are sites with listings of the default passwords for specific model numbers of routers. It doesn’t take much to attempt to log in with it and have full access to your environment. It’s kind of like leaving the front door unlocked so anyone can come chill and watch your tv….anytime….all the time!
Change Your Wi-Fi Password
Be sure to set a strong password to connect to the wi-fi. This is a different password than the router's password.
- The router’s password provides access to the router so that you can change its settings.
- The wi-fi password lets whoever has it connect to the network and share your internet.
- Be sure to make them different and complex.
- I would also recommend creating a guest wi-fi for friends and family when they visit. This way, it compartmentalizes your devices from the guest devices. It creates a kind of Demilitarized Zone (DMZ).
IoT Devices: Update
IoT devices can be a big issue in a SOHO network. Even with a good perimeter defense, IoT devices with out-of-date or vulnerable software can pose a major secret open window for attackers.
- Be sure to update the software on all devices connected to the network. You can even download a free vulnerability scanner from time to time and run it with everything turned on and plugged into the network so that you can see any known vulnerabilities on your devices.
Additional Router Settings Recommendations
- Disable the services that you do not need. It’s like closing open windows, so bad guys can’t crawl in them. Pardon the analogy.
- Ensure the Router is using WPA2 or WPA3. No WPS!! It is extremely vulnerable. Attackers can deploy an exploit to take advantage of the vulnerability and gain unauthenticated access. You definitely don’t want that.
- Update the router software early and often. The more up-to-date, generally, the less likely that there will be a vulnerability that can be exploited.
- Disable the remote administration feature of the router. This way, no one can remotely administer changes to the router.
Your home internet can be a locked down and solid avenue for internet connectivity for you and your family. But you want that all to yourself, not sharing it with nefarious actors. Be sure to use the above recommended steps to turn your SOHO network into a castle.
Follow Mike Meyers and me on our 2 Bald Nerds playlist for A Day in the Life of a Cybersecurity Analyst.
Be safe out there!
Richard Chapman, CyberNow Labs Program Director