There has been a lot of attention given to brute force attacks against WordPress, Joomla and other web-based applications. A rising security threat that hasn’t gotten nearly as much attention is brute force router hacks.
They Can Hack My Router?
Yes, it’s possible for your wireless router to be hacked. It is, after all, just a little computer that sits between your personal computer and the Internet.
A brute force attack is simply a script trying to log in to a site using known popular user names and passwords. The user name “admin” is the primary target and many CMS users are aware that they should never use “admin” as a user name. Unfortunately, there is little awareness that the same sort of hack can be used against routers.
How Do I Know If My Router Is Okay?
If you got your router from your Internet Service Provider (ISP), most likely it came with a user name and password already set up. The service tech gave you the log in credentials when s/he set up the cable or satellite or whatever you have. If the user name and password are unique to you, that’s great. The likelihood of falling victim to a brute force attack is very small.
If, on the other hand, like many people, you went out and bought your router at your favorite electronics store, you probably brought it home, took it out of the box, hooked everything up and forgot about it. You’re certainly not alone if this describes your experience.
How Would They Know My Password?
If you read the documentation for your router, you’ll see that it has a default user name and password. Sometimes the user name is “admin” and sometimes it’s blank. The password may be “admin” or something else simplistic. The important point is that the bad guys know the user name and password, too, because the defaults are common knowledge.
If your router is straight out of the box, one of two things can happen: someone can address your router over the wireless anywhere within the router’s range, or software on your computer could log in to the router using the default credentials and do all kinds of things you don’t want them doing.
Best case is the neighbors might be tapping into your router to download movies or whatever from their computer, eating up your bandwidth and slowing down your computer’s performance. Worst case, your computer could become a host for all kinds of malware, be sending out thousands of spam emails, or otherwise behaving badly.
Has This Really Happened Before?
This happened to the hairdresser to whom my wife and I go. Her daughter picked up the malware on her computer at a hotel they visited on vacation. When they got home, the malware took over their router. They had anti-virus software installed on their computers which kept showing they were infected. They would clean the infections and a day or so later they’d be back. This went on for weeks before a tech support person troubleshooting some problems with Microsoft applications figured out what was going on.
They eventually had to take their computers offline, clean them thoroughly of all malware, then buy a new router and discard the old one. Not only did it cost them time, it ended up costing them money to buy a new router.
So How Do I Prevent This Problem?
Preventing this sort of thing is relatively easy. Make sure to change the default user name and password on your router! As I said, if you got your router from your ISP and they gave you a password unique to you, you’re good to go. If you bought the router yourself and didn’t change the default credentials, do so immediately!
Once that’s done, the usual security precautions apply.
- Don’t open attachments, even from people you know, unless you’re sure what they are.
- Be careful visiting websites and watch for anything suspicious. Malware that attacks routers is often dispersed from infected websites.
- Keep your anti-virus software up to date and scan your machines regularly.
- Make sure you have your computer backed up.
In short, practice safe computing!
Protected by WebARX