Home and office internet and Wi-Fi networks are inherently vulnerable and increasingly targeted by hackers. The recent T-Mobile breach started with an unprotected router and led to over 50 million victims losing sensitive personal information. Fortunately, a few best practices coupled with “firewall” protection all but eliminate the risk.
Most home and office internet networks include three primary functions:
- Modem
- Router
- Wi-Fi antennae for wireless access
Sometimes the functions are built together in a single unit of hardware. ISPs have been combining the modem with the router and Wi-Fi built in to gain greater access for monitoring and collecting customers’ personal information. For privacy and security, it is best to separate the modem from the router and Wi-Fi systems.
On internet routers
There is nothing mysterious about a router - it’s just a computer built to manage internet traffic in and out of the local network. Consider the router like Grand Central Station with packets of bits in and out from all the networks’ connected components and devices. But routers are a natural target of cyber-attacks because they are so accessible - on 24/7 and connected directly to the internet.
Making things worse, while a router is a computer, unfortunately, they are not generally maintained like one for software updates and antivirus. And they don’t have a keyboard, so passwords are weak or non-existent, and anyone can easily take administrative control of the router and network. Hackers call it “command and control,” and the results can be devastating. In some cases, the perpetrator will use software to skulk and analyze information for prolonged periods secretly. The data is used to optimize the attack for upside and success in the monetization of their plan.
Home Router Security Report
A white paper from 2020 by Peter Weidenbach, Fraunhofer FKIE titled “Home Router Security Report 2020” reported these alarming findings:
- Most routers used in homes and offices run on a very old version of Linux with 233 known security vulnerabilities.
- On average, each of the tested routers contained 26 critically rated security vulnerabilities.
- Most routers come with easily hackable passwords, a published password, or no password at all.
- It is important to know most popular router brands are made and manufactured by third parties around the world. With these circumstances, little or no quality control measures, or regulatory standards, are present.
Click for a PDF copy of the report.
Best practices for security
These are three critical steps to reduce the risk of a router-based network hack:
- Change the username and password on your modem and Wi-Fi router. Most are pre-set with default credentials that are easily found on the internet.
- Change the name of your Wi-Fi network and use a good password. Your Wi-Fi’s name should be something anonymous to the outside – no names, addresses, or anything identifiable.
- Take the ShieldTest, a free network penetration test at https://www.shieldtest.com/
✓ To test the vulnerability of the network you are on right now, take the 60-second ShieldTest, here.
Network firewalls
Traditionally, network firewalls included heavy-duty hardware with complex systems and local technical requirements. They were expensive, unreliable, made heat and collected dust, and were a burden on bandwidth and the strength of the internet signal. Innovation is changing all that, and now the most effective systems are “soft-firewalls” where the complexity and technical support are done remotely.
With this “as-a-service” approach, technicians in data centers create a comprehensive and effective state of network security that is seamless and autonomous for the customer, yet more affordable than the traditional hardware-centric approach.
On SD-WAN unified networks
Like firewalls, network architecture is also evolving to include more software functionality for the sake of efficacy, simplicity, and affordability. Software-defined networks, or SD-WAN, are replacing traditional hardware-centric networks. Traditionally, each network component included hardware, an operating system, and its unique requirements for administration and management. Getting each piece to work with the other parts predictably and reliably took as much art as science.
The network is unified by software with SD-WAN architecture, making installation and administration far more straightforward to manage. SD-WAN eliminates the need for onsite support, and the customer receives the results of a managed and secure network, as-a-service.
Private Home Internet Router and Network
SD-WAN-built network security is highly suitable for private clients and their families. Installation is plug-and-play, and the result is a local network that is managed for privacy and security across the network. Every connected device, including “things” like Ring Doorbells, Alexas, security cameras, etc., are automatically protected and anonymized to the outside.
All computers and phones are protected without the need to sign on or install software just by the benefit of being connected to the secure network. The best systems include a private VPN that encrypts and anonymizes all traffic from every component and device.
The shared-resources approach to data center management of SD-WAN networks is driving efficacy with affordability. Private clients sensitive to privacy and security will find managed network security services for homes and offices represent excellent value and risk/reward metrics.
✓ There is no better comprehensive solution for home and office network security than Managed Network Security by Total Digital Security.
Managed Network Security
For optimal protection of home and office internet networks, we use an SD-WAN solution, Managed Network Solution. It's known as "an IT department in the cloud." Learn more about the comprehensive service, here:
For more about home network cybersecurity and home router security, please contact us.