Router Security

Router security in the wake of the CIA’s Cherry Blossom attack

If you have been following the news, you will have heard that the CIA has, since 2007, been exploiting security holes on some routers to eavesdrop on unsuspecting individuals. The project is reported to have covertly replaced the routers’ firmware with custom, Linux-based versions, which gave the organization a stepping stone into target networks.

Why Routers are Important

Routers are, without doubt, one of the most important components on any given network. By receiving and forwarding data packets along the best possible routes, routers act as gateways through which traffic flows on the internet.

Router Security

The revelation that the CIA has been exploiting firmware holes in some routers is hardly surprising. By compromising these most important of devices, hackers gain the ability to exploit any part of a computing system. They can, for example, perform the following tasks:

  • Install custom firmware
  • Launch man-in-the-middle attacks
  • Monitor internet activity
  • Inject malware into the data stream
  • Direct traffic to bogus websites

Why are Routers Vulnerable?

Although routers are, as we have already noted, one of the most important components on any given network, they are, more often than not, also the most neglected. For most people, the only time they ever think about their router is when they are setting up their network. From then on, most of us forget about the devices. The following are some of the reasons why routers are vulnerable to attack:

  1. Failure to upgrade firmware

Most people never bother to update the firmware on their routers. This exposes them to attacks such as the one launched by the CIA. We have previously written a number of articles noting that the recent WannaCry ransomware attack was mainly the result of failure by some individuals and institutions to keep their operating systems up to date. Exactly the same thing happens with routers. Failure to keep the devices up to date exposes the entire network to attack.

  2. Out of date hardware

Another cause for concern is that not many people ever bother to upgrade their hardware. If a device is functioning as it should, people will keep it in service, even when security vulnerabilities, such as the ones that enabled the CIA to infiltrate certain routers, are exposed. There is clearly a need for people to make sure that they have devices capable of withstanding the increasing security demands of today’s computing environment.

  3. Home vs Enterprise Routers

What most people do not understand is that the type of router in use also has a bearing on the amount of security that it can provide to a network. Roughly speaking, routers come in two configurations: basic and enterprise.

The basic type of router is the one that is installed on most home networks. This type of router places emphasis on speed and not only security. Despite this, it is not uncommon to find businesses using this type of router. This is what exposes them to the type of attacks that we have been witnessing over the past few months.

Enterprise routers, on the other hand, place greater emphasis on security. This is clearly the type of router that we recommend to people who talk to any of our Cisco CCIE certified experts. Businesses should never use the basic type of router, lest they expose themselves and their customers to attack.

  4. Router Settings

Another thing that exposes routers to attack is having the wrong settings. Although most routers come with adequate security protocols, it is up to you to make sure that all of them are enabled to give your network maximum security.

If you have a wireless router, you need to have the strongest possible password to thwart brute force attacks. Features such as Remote Administration, UPnP and NAT-PMP also need to be turned off to prevent attack.

  5. Encryption

You also need to activate encryption on your router. If the device that you have does not have this function, then you need to quickly get rid of it. Encryption on any router should be set to AES. You should, by all means, avoid the TKIP option.

  6. Firewall

Another thing that you need to do is make sure that your router’s firewall is up to the task of protecting your network. All routers come with built-in firewalls, and the firewall should always be activated. You should also have a firewall on your PC to double the protection.
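
The settings called out in the list above (AES rather than TKIP, UPnP and NAT-PMP off, firewall on) can be checked mechanically. The following Python script is an added example, not part of the original article: it assumes a router running OpenWrt and audits the text printed by its `uci show` command, treating a `wan` firewall zone that accepts inbound traffic as a firewall finding; the sample input is constructed.

```python
import re

# One option line of `uci show` output: config.section.option='value'
LINE = re.compile(r"^(\w+)\.([^.=]+)\.(\w+)='?(.*?)'?$")

# Constructed sample, not taken from a real device
SAMPLE = """\
wireless.default_radio0.ssid='office'
wireless.default_radio0.encryption='psk2+tkip+ccmp'
wireless.default_radio1.ssid='office-5g'
wireless.default_radio1.encryption='psk2+ccmp'
upnpd.config.enabled='1'
upnpd.config.enable_upnp='0'
upnpd.config.enable_natpmp='1'
firewall.@zone[1].name='wan'
firewall.@zone[1].input='ACCEPT'
"""

def parse_uci_show(text):
    """Group option values by (config, section)."""
    sections = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            cfg, sec, opt, val = m.groups()
            sections.setdefault((cfg, sec), {})[opt] = val
    return sections

def audit(text):
    """Return findings for the settings this article says to fix."""
    findings = []
    for (cfg, sec), opts in sorted(parse_uci_show(text).items()):
        if cfg == "wireless" and "ssid" in opts:  # wifi-iface sections only
            enc = opts.get("encryption", "none")
            if enc == "none" or enc.startswith("wep"):
                findings.append(f"{sec}: no usable encryption ({enc})")
            elif "tkip" in enc:
                findings.append(f"{sec}: TKIP allowed ({enc}), use AES only")
        elif cfg == "upnpd" and opts.get("enabled") == "1":
            # Assumption: an unset enable_* option counts as enabled
            if opts.get("enable_upnp", "1") == "1":
                findings.append("UPnP is enabled")
            if opts.get("enable_natpmp", "1") == "1":
                findings.append("NAT-PMP is enabled")
        elif cfg == "firewall" and opts.get("name") == "wan":
            if opts.get("input", "").upper() == "ACCEPT":
                findings.append("wan zone accepts inbound traffic to the router")
    return findings
```

Calling `audit()` on the saved output of `uci show` returns one line per setting to correct, and an empty list when none of these checks fires.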

Free Network Consultation

If you are worried about securing your router and network, talk to us and we will provide you with the expert advice that you need to stay safe in today’s environment. We also provide free webinars for managed IT solutions and security.