magazine
ROUTER ATTACKS: FIVE SIMPLE TIPS TO LOCK CRIMINALS OUT By Alan Martin, We Live Security contributor Cybercriminals always look for the weakest link when planning their attacks – often it’s human error, such as weak passwords or opening phishing emails, but failings in home routers can allow another “way in”. Over the past year, researchers have repeatedly shown that the devices can contain “backdoors” which allow attackers access to your private data. Once known, this information will circulate rapidly among cyber gangs. We also don’t help ourselves. A study of 653 IT and security professionals and 1,009 remote workers found that 30% of IT professionals and 46% of remote workers do not change default passwords on their routers. So far, router attacks are a new and evolving phenomenon – but it’s worth protecting yours. 1) Don’t leave your username as ‘admin’ The first, and most important step, is to change your router’s password from its default. Routers ship with a Web page allowing users to adjust settings, with default passwords and usernames such as “admin”. These are widely known to hackers, and should be changed immediately. 2) For extra security, change the firmware A recent survey found that around 80% of the top-selling “small office/home” routers on Amazon shipped with known “critical” vulnerabilities, making them easy prey for cybercriminals. ESET Malware Researcher Olivier Bilodeau says, “For the relatively advanced consumer: install an alternative open source firmware on your router.” These are replacement versions of the official firmware – and often more secure. This is not for beginner PC users, but clear instructions can be found online as to how to install. Bilodeau recommends: Tomato: www.polarcloud.com/tomato DD-WRT: www.dd-wrt.com/site/index Open-WRT: https://openwrt.org/ Around a third of IT professionals admit to never changing the default settings on routers, giving cybercriminals a potential ‘way in’ to networks. 38 welivesecurity.com
TECH INSIGHT 3) Make sure your encryption is up to scratch Older routers with WEP encryption are vulnerable – check which one you’re using on your settings page. If it’s WEP, change to the more secure option WPA. Or buy a new router. 4) Don’t tell the neighbors your name Wi-Fi networks have a network name – known as an SSID – and most ship with a default name, which often includes the brand. For a potential attacker – for instance, against a small business – this is useful information. Some models have vulnerabilities that make router attacks easy, It’s worth considering making yours a “hidden network” – disabling the broadcast of the SSID’s name. That way you’re less visible to attackers – and to connect new devices, simply type in your network’s name on the gadget. 5) Know who’s connecting to your network Any PC or mobile computing device has a unique identifying number known as a MAC address. If you access your router’s settings, you can select which devices can and cannot connect to your network – meaning for instance, a neighbour couldn’t log in, or a teenage visitor could not access unsuitable sites via a smartphone. Add the MAC addresses of all authorized devices in the home – iPhones, tablets, laptops etc. – to the router’s authorized list. No other device will then be allowed. You can find the MAC addresses of mobile phones and other portable devices under their network settings, though this will vary for each device. Check with the manufacturer. welivesecurity.com 39
- Page 1 and 2: Shutterstock © Maksim Kabakou maga
- Page 3 and 4: WELCOME Welcome to the first editio
- Page 5 and 6: NEWS & VIEWS © Rex Spyware trackin
- Page 7 and 8: NEWS & VIEWS ESET crossword Across
- Page 9 and 10: CYBERCRIME IS BAD FOR YOUR HEALTH u
- Page 11 and 12: CYBERCRIME IS BAD FOR YOUR HEALTH T
- Page 13 and 14: WWW.ESET.COM ESET SECURE AUTHENTICA
- Page 15 and 16: In safe hands Block prying eyes wit
- Page 17: TECH INSIGHT FOR IT ADMINISTRATORS:
- Page 20 and 21: OPINION: GRAHAM CLULEY IT security
- Page 22 and 23: POWER UP YOUR PASSWORDS We Live Sec
- Page 24 and 25: ESET ENDPOINT SECURITY FOR ANDROID
- Page 26 and 27: FROZEN WITH FEAR Should you be scar
- Page 28 and 29: WHEN WHITE GOODS GO BAD Shutterstoc
- Page 30 and 31: STAY SECURE: WHEREVER YOU ARE ESET
- Page 32 and 33: STRAIGHT TALKING from the ESET expe
- Page 34 and 35: WWW.ESET.COM ESET ENDPOINT SECURITY
- Page 36 and 37: A SCAM-SPOTTER’S GUIDE: THINGS YO
- Page 40 and 41: Small fish, big risks Why even the
- Page 42 and 43: Passwords are the weakest link By A
- Page 44 and 45: Love your Android Why malware prote
- Page 46 and 47: INTERVIEW Why do so few kids learn
- Page 48: DO MORE WITH YOUR I.T. SECURED BY E
ROUTER ATTACKS:<br />
FIVE SIMPLE TIPS TO<br />
LOCK CRIMINALS OUT<br />
By Alan Martin, We Live Security contributor<br />
Cybercriminals always look for the<br />
weakest link when planning their attacks<br />
– often it’s human error, such as weak<br />
passwords or opening phishing emails,<br />
but failings in home routers can allow<br />
another “way in”.<br />
Over the past year, researchers have repeatedly<br />
shown that the devices can contain “backdoors”<br />
which allow attackers access to your private<br />
data. Once known, this information will circulate<br />
rapidly among cyber gangs. We also don’t<br />
help ourselves. A study of 653 IT and security<br />
professionals and 1,009 remote workers found<br />
that 30% of IT professionals and 46% of remote<br />
workers do not change default passwords on<br />
their routers. So far, router attacks are a new<br />
and evolving phenomenon – but it’s worth<br />
protecting yours.<br />
1) Don’t leave your username as ‘admin’<br />
The first, and most important step, is to change<br />
your router’s password from its default. Routers<br />
ship with a Web page allowing users to adjust<br />
settings, with default passwords and usernames<br />
such as “admin”. These are widely known to<br />
hackers, and should be changed immediately.<br />
2) For extra security, change the firmware<br />
A recent survey found that around 80% of<br />
the top-selling “small office/home” routers<br />
on Amazon shipped with known “critical”<br />
vulnerabilities, making them easy prey for<br />
cybercriminals. ESET Malware Researcher<br />
Olivier Bilodeau says, “For the relatively<br />
advanced consumer: install an alternative<br />
open source firmware on your router.” These<br />
are replacement versions of the official<br />
firmware – and often more secure. This is not<br />
for beginner PC users, but clear instructions<br />
can be found online as to how to install.<br />
Bilodeau recommends:<br />
Tomato: www.polarcloud.com/tomato<br />
DD-WRT: www.dd-wrt.com/site/index<br />
Open-WRT: https://openwrt.org/<br />
Around a third of IT professionals admit to never<br />
changing the default settings on routers, giving<br />
cybercriminals a potential ‘way in’ to networks.<br />
38 welivesecurity.com
Change language