Your Wi-Fi Security Is Probably Weak. Here’s How to Fix That. – The New York Times

Posted on June 13, 2018 | Leave a comment

https://www.nytimes.com/2018/06/13/technology/personaltech/wi-fi-router-security.html
SKIP TO CONTENTSKIP TO SITE INDEX

SUBSCRIBELOG IN
TECH FIX

Your Wi-Fi Security Is Probably Weak. Here’s How to Fix That.
Image
CreditMinh Uong/The New York Times
By Brian X. Chen
June 13, 2018

Chances are that when you bought a Wi-Fi router, you probably did not prioritize strong network security.

After all, when we think about wireless connectivity in our homes, most of us generally care more about speed of data transmissions and how much range the router can cover.

But it’s time to change our views. Network security needs to be high on our list of considerations because a Wi-Fi station is the gateway for devices to get on the internet. If your router is infected with malicious software, all your internet-connected devices become vulnerable, including your smartphone, computer, smart watch, television and Amazon Echo.

A recent cyberthreat underscores the need to take network security more seriously. Last month, Cisco’s threat research arm Talos, in collaboration with the Federal Bureau of Investigation, discovered that a malware system with links to Russia had infected hundreds of thousands of Wi-Fi routers made by popular brands like Netgear, TP-Link and Linksys. This month, Talos revealed the problem was even worse than initially thought: Routers from other brands like Asus and D-Link had also been infected.

ADVERTISEMENT

That means base stations from every well-known router brand were a target for this malware, known as VPNFilter, which is capable of manipulating your web traffic. Attackers could use it to load a fake banking site on your computer browser that looks like the one you normally use and steal your credentials and clean out your bank accounts. They could also load spoof versions of an email site you use to steal your password and gain access to your communications.

Netgear, D-Link and Linksys said they advised people to install the latest security updates and to choose strong usernames and passwords. TP-Link and Asus did not respond to requests for comment.

Our remedy? For starters, make sure your Wi-Fi station is always running the latest version of its “firmware,” or software system, just as you are supposed to keep operating systems up-to-date for your smartphone and computer. In a 2014 survey of I.T. professionals and employees who work remotely conducted by the security firm Tripwire, only 32 percent said they knew how to update their routers with the latest firmware.

“Most consumers don’t know to patch these things,” said Matt Watchinski, a senior director of Cisco Talos, who helped research the VPNFilter malware. “They don’t treat it like they do their air-conditioner or refrigerator, where we all know we should change the filters.”

ADVERTISEMENT

Here’s a guide to some of the best practices you can embrace to ensure that your router — and, by extension, all your internet gadgets — is safe.

Routinely update the firmware
Even though a router lacks moving parts, it needs to be maintained with the latest security updates. Easier said than done, right? Here is a basic step-by-step for how to do that:

■ Consult the instruction manual for your router to get its IP address, a string of numbers that you will punch into a web browser for access to the router’s web dashboard. Jot down the number and store it somewhere safe like your filing cabinet.

■ After entering the router’s IP address into a web browser, log in to the base station with your username and password. In the router’s web dashboard, click on the firmware settings. Look for a button that lets you check for the latest firmware version.

■ If an update is available, choose to install it and let the router restart. Repeat this process every three to six months.

ADVERTISEMENT

Set a unique username and password
When you log in to your router, if your username and password are something like “admin” and “password,” you have a problem. Many Wi-Fi stations come with weak, generic passwords by default that manufacturers intend for you to change.

The problem with having a weak username and password is that anybody within range of your router could log in to it and change its settings, potentially opening it up to the outside world, said Dave Fraser, chief executive of Devicescape, a company that helps make public Wi-Fi networks more reliable for mobile phone service.

So while you are checking for firmware updates in your router’s web dashboard, make sure to also check your security settings and change the username and password to something strong and unique. Security experts recommend creating long, complex passwords consisting of nonsensical phrases and added numbers and special characters. (Examples: My fav0rite numb3r is Gr33n4782# or The cat ate the C0TT0n candy 224%.) Write down these credentials on the same piece of paper where you recorded your IP address.

ADVERTISEMENT

Replace your router every few years
Even if your router still appears to work properly, the device has reached the end of its life when manufacturers stop supporting it with firmware updates, leaving it vulnerable to future cyberthreats. You can expect this to happen every three to five years. At that point, it is crucial to upgrade to a new piece of hardware.

The best way to check is to look up your router on the manufacturer’s website and read notes about its firmware releases. If there hasn’t been a firmware update in the last year, the router has probably been discontinued.

Among the routers affected by the VPNFilter malware, a significant portion of them were more than five years old, said Cisco’s Mr. Watchinski.

How did we get here in the first place? Historically, manufacturers have designed routers by cobbling together open-source software platforms with commodity components to produce base stations as cheaply as possible — with little care for long-term security, Mr. Fraser said.

ADVERTISEMENT

“It is a miserable situation, and it has been from day one,” he said. But Mr. Fraser added that there were now “new world” routers with operating systems, tougher security and thoughtful features to make network management easy.

If it is time to update your router, rid yourself of some of these headaches by looking for a smarter router. Check for Wi-Fi systems that offer automatic updates to spare you the headache of having to check and download updates periodically. Many modern Wi-Fi systems include automatic updates as a feature. My favorite ones are Eero and Google Wifi, which can easily be set up through smartphone apps.

The caveat is that smarter Wi-Fi systems tend to cost more than cheap routers that people are accustomed to. Eero’s base stations start at $199, and a Google Wifi station costs $119, compared with $50 for a cheap router. For both of these systems, you can also add base stations throughout the home to extend their wireless connections, creating a so-called mesh network.

Another bonus? Mr. Fraser noted that more modern Wi-Fi systems should have longer life spans because the companies sometimes relied on different revenue streams, like selling subscriptions to network security services.

Brian X. Chen, our lead consumer technology reporter, writes Tech Fix, a column about solving tech-related problems like sluggish Wi-Fi, poor smartphone battery life and the complexity of taking your smartphone abroad. What confuses you or makes you angry about your tech? Send your suggestions for future Tech Fix columns to brian.chen@nytimes.com.

Related Coverage
Why Your Next Wi-Fi Setup Should Be a Mesh Network
April 26, 2017
Image
Why Your Next Wi-Fi Setup Should Be a Mesh Network
Here Is How to Fend Off a Hijacking of Home Devices
Feb. 1, 2017
Image
Here Is How to Fend Off a Hijacking of Home Devices
If Your Wi-Fi Is Terrible, Check Your Router
Oct. 7, 2015
Image
If Your Wi-Fi Is Terrible, Check Your Router
Interested in All Things Tech?
The Bits newsletter will keep you updated on the latest from Silicon Valley and the technology industry.

Enter your email address
You will receive emails containing news content, updates, and promotions from The New York Times. You may opt-out at any time.

Sign Up
MANAGE EMAIL PREFERENCESOPT OUT OR CONTACT US ANYTIMEPRIVACY POLICY
Tech Fix
Diagnosing and solving your tech problems.

Booking With Airbnb? Here’s Your Survival Guide
June 6

Getting a Flood of Privacy Policy Updates? Read Them.
May 23

Google’s File on Me Was Huge. My Facebook Data Was Creepier.
May 16
More in Personal Technology

Idris Solomon for The New York Times
How Technology Transforms the World of Comic Books
1h ago

Battling Adware That Redirects Your Browser
7h ago
ADVERTISEMENT

Site Index
Go to Home Page »
NEWS
OPINION
ARTS
LIVING
LISTINGS & MORE
Site Information Navigation
© 2018 The New York Times Company
Contact UsWork with usAdvertiseYour Ad ChoicesPrivacyTerms of ServiceTerms of SaleSite MapHelpSubscriptions

One subscription.
Endless discovery.
For just $15.99 $9.99 a month.

SUBSCRIBE

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply: (What... You're shy?)