According to a Recent Study, Wireless Router Security in the Workplace is Lacking. Get tips for the best Wi-Fi security to ensure your workplace data stays secure.
Security Tips for the Workplace.
A recent study of wifi router security by the American Consumer Institute Center for Citizen Research revealed some alarming news. According to the study, five out of every six routers in the U.S. are running out-of-date firmware with exploitable security vulnerabilities. If you think your workplace has the best Wi-Fi security, you may want to check your wireless router security settings.
How bad is it?
The study analyzed 186 small home / home office (SHHO) routers from fourteen different vendors, examining which firmware versions were installed while searching for known firmware security flaws. The results were staggering - and really alarming for anyone who needs strong wireless fidelity router security (spoiler alert - that's anyone with a Wi-Fi network).
A total of 32,003 known security vulnerabilities were found in the firmware of 155 of the routers (83 percent of the routers examined). That comes out as an average of 186 security vulnerabilities per router. Each of the 155 routers had an average of 12 critical and 26 high-risk vulnerabilities - the most serious categories of security issues. Out of 186 routers, only 31 (seventeen percent) had no vulnerabilities in their firmware.
Why target routers?
Routers make very tempting targets to hackers, as access to the router offers access to every device on the network. That doesn't just mean laptops, computers, and smartphones. Any device connected to the network is vulnerable, including baby monitor cameras, security systems, printers, DVRs, smart appliances—even smart light bulbs.
Many IoT (Internet of Things) devices lack the security necessary to protect themselves, and hackers know this. Symantec's annual internet security report found a 600 percent increase in IoT attacks in 2017, with routers accounting for 33.6 percent of such attacks.
In the same report, Symantec noted that in May 2018, the FBI warned the public of a concentrated campaign against wireless router security by out-of-country hackers. The hackers infiltrated tens of thousands of home and office routers. Once they had access to the network, the hackers could steal user data and passwords, shut down network traffic, steal bandwidth, and turn devices into botnet slaves. Most consumers ignored the warning.
Why is wireless router security susceptible to hacks?
Several factors combine to make routers a popular hacking target. If for no other reason, the fact routers usually run 24/7 makes them popular targets. Firmware is often written using code from open source libraries. Each individual piece of open source code may have its own security vulnerabilities, which it passes on to the completed firmware.
Fixing such liabilities is the responsibility of the manufacturers, who routinely release security patches and firmware updates. And it is here that human nature comes into play. Few people take the time to update routers for the best Wi-Fi security. In many cases, the user only remembers to update firmware after a major and well-publicized hack occurs, which may be too late to avoid compromising security. And as in the case with the out-of-country hackers mentioned in the Symantec report, many people don't hear about even serious, widespread hacking campaigns.
Others are aware of the need for wireless router security, but wrongly assume their firmware is set to automatically update. While many routers do have auto update features, the only way to ensure the feature is on is to check your wireless router settings.
How do I set security on my router?
Of all the wireless security tips for the workplace we're about to discuss, two stand out as the most important - the need to install the most recent version of your router's firmware and to use strong network passwords. To do either of these, you will have to access your wireless router safety settings, something relatively few people know how to do.
While some new routers allow you to change security settings through a mobile app, most require you to access settings through a web browser connected to the wireless network. Open the browser, and in the URL button type in your router's IP address... which most people don't know either.
You can find the router's IP address on the box it came in or inside the setup manual. The address will look something like http://192.168.0.1 or 192.168.1.1. If you can't find the IP address, you may need to contact the router manufacturer or search for customer support pages online.
Once you enter the IP into the browser URL, you will be taken to your wireless router security settings, which require your user name and password to access.
Update Your Firmware.
The very first thing to do in your router control panel is to update your firmware. Depending on the age of your router, you may be able to activate automatic updates at the same time. Older routers may require you to periodically visit the manufacturer's home page to download an install firmware manually. If this is the case, check to see if you can set the router to send email alerts when security updates come available (one of the easiest ways to do this is to complete the router's online registration. At the end of most registration forms you will find the option of signing up for updates).
Manufacturers don't release updates for very old routers. If this is the case with your router, buying a new one is vital for Wi-Fi security.
Create strong passwords.
Routers are often installed using factory-set default passwords. Such passwords are easy for hackers to bypass, either through brute force hacking or simply trying a list of likely default passwords.
For the best Wi-Fi security, you need to change two passwords: the one that allows you to edit wireless router security settings and the one used to connect other devices to the Wi-Fi network. A strong password is at least twelve characters long, and contains numbers, upper and lower case letters, and symbols in an order that makes sense to you but seems completely random. Such passwords are less susceptible to "brute force" hacking tools, which try thousands of different character combinations in the hope of finding the correct password.
Additional wireless security tips for the workplace.
Your wi-fi router settings include other features you may wish to activate or disable depending on your worksite needs. Such settings include:
- Remote administration. Also known as remote management or web access from WAN, remote administration allows users to access the router control panel from outside the home network. Unless this is something you need to do, it is a feature best turned off.
- Universal Plug and Play. Universal Plug and Play (UPaP) allows devices on the home network to connect to each other and is usually on by default. While convenient, this makes it easier for malware to spread throughout the network. UPaP settings are usually found in Tools or Advanced Network Settings. Disabling this feature may require you to re-enter network passwords into some devices.
- Guest Network. An active guest network can be used by third parties without your permission. The intruding party could be a neighbor's kid stealing bandwidth to watch streaming videos, or a hacker. Either way, your network security is stronger if you disable this setting.
- WPS. WPS (Wi-Fi protected setup) allows you to connect a device to the network using a PIN number instead of your long, hard-to-remember password. And yes, that is tempting if you have difficult remembering complex passwords. Unfortunately, a short PIN number is much more susceptible to brute force attacks, so it is safer to keep WPS features disabled.
Use WPA3 for the best Wi-Fi security.
The Wi-Fi Alliance periodically releases security protocols that protect against common hacking tools. The latest protocol released is WPA3.
New routers should be able to update to WPA3, if they are not using it already. Older routers may not be compatible with WPA3, in which case WPA2-AES is the next best Wi-Fi security protocol. If your router is too old to support WPA2-AES, then you should replace your router.
Use MAC addresses.
You can change your wireless router security settings to only allow devices with approved MAC addresses to access the network, even if the user has the network password. This takes a little time, as you have to set up a whitelist of device MAC addresses, which you can find by opening a cmd window and typing the command line ipconfig/all.
A mac address looks something like this: 01-12-33-43-55. Once your MAC address whitelist is set up, your router will only allow access to devices on the list. This doesn't entirely rule out hackers spoofing a MAC address, but it makes unauthorized router access much more difficult. Of course, it also means you must manually enter every new device's MAC address before it can access the network, which can be cumbersome in a large office setting.
Does your router need to be on 24/7?
Routers often run continuously. If your office is open for set hours and you don't need to remotely connect to the network outside of office hours, check your router control panel to see if you can schedule when to turn the router on and off. Controlling router schedules reduces how long the router is online, eliminating the chance of hacker attacks during the router's downtime. This will also save your company some electricity cost and it is also a greener alternative for the planet. We don;t need to remind you that every little thing we can do to reduce Global Warming is worth the effort for future generations of not just for ourselves.
Logout from wireless router security settings.
When you're finished changing router settings, be sure to log-out of the router's control panel rather than simply closing the browser window. Remaining logged in can lead to a compromised network.
Install antivirus software.
Not all threats to your router are external. Malware on one device can spread to the router and other devices on the network. The best defense against this is to keep each device's operating system up-to-date and install antivirus software. Be sure to only download such software from the manufacturer's official site; hackers sometimes create fake antivirus sites, which include "antivirus" programs infested with malware.
We hope these wireless security tips for the workplace help you protect your business from online threats. Even the best Wi-Fi security isn't perfect, but with careful attention to your wireless router security settings, you can reduce the chance of data breaches and other hacker activities.
Share this post