Routers, they are the gateway into a network, and we all use one on a daily basis. The majority of us have a router in our homes that delivers a wifi signal to your device (albeit not a very good one at times). But… how secure is your router and what damage could someone cause to your home, or business if they was to gain access to your network?
Well this article will aim to address these points and help you ensure you stay safe.
How secure is your routers wifi password?
Most routers use a randomly generated that will be issued by the manufacturer, and encrypted using WPA2. These codes are around 8 characters long and contain numbers and letters… pretty secure right?
Wrong! One of the biggest misconceptions about passwords is that masking a password similar to “P4SsW0rd!” Will be secure and difficult to hack/crack. However, the truth is that by using very rudimentary hacking techniques such as a “dictionary attack” most hackers will be able to crack the password in a matter of minutes, as explained here in this guide: https://pcprofessionals.co.uk/hackers-hack-wifi/
How to make a secure password for my router?
AdvantEdgeITare100%geeks! – this is an expample of a secure password, it’s made up of serveral words and includes numbers and special characters. The reason this is more secure that a standard password is because:
It’s nice and long, this makes it harder for hackers to guess.
Unlike a standard password it contains a variety of different words which will make it very difficult to crack using a basic attack like the “dictionary attack”.
Now don’t just go changing your wifi password and this that everything is safe… you can still fall victim to several other very sneaky hacks that will leave your nextwork open. Read to the end to find out how to protect against these attacks.
Different types of network attacks to watch out for
- Dictionary attacks – using a huge list of known password to crack a WPA2 handshake.
- Wifi phishing / rouge access points – creating a rouge router and forcing all wireless devices to connect to it & re-authenticate by entering their wifi password (the most common and most dangerous in my opinion)
- MacSpoofing – changing the MAC address of a device to replicate one that has been pre-configured to connect to the network.
Wifi phishing / rouge access points – how they work
Wifi phishing a rouge access points are extremely dangerous types of attacks as they allow the hacker to monitor all network traffic and retrieve bank details, passwords and other sensitive information.
Here’s the basics of how it works:
- De-authenticate the user from their legitimate Router by sending it deauthentication requests.
- Allow the user to authenticate to the rouge access point.
- Offer a webpage to the user on a proxy that notifies them that a upgrade has taken place, and that they need to authenticate again. This allows the hacker to capture you wifi password and if configured correctly, also your configuration account details. What his means is that they can come back and connect to your network whenever they like and make changes to your routers configuration which will allow for further attacks such as website phishing.
- Remove SSL from website before serving it to the end user which means the attacker can view your login details for anywebsite in plain text.
Ways to secure your network and what to watch out for
Secure your network
- Enable MAC address filtering, this will only allow devices to connect to your network that have been preprogrammed into your router.
- Disable broadcasting of your SSID, your SSID is the name of your wifi network, by disabling SSID broadcasting you will make it very difficult for an attacker to find your network as it will not appear in the list of available networks when scanning.
- Change the password and username of your router configuration account.
What to watch out for
- All wifi devices disconnecting suddenly
- Random requests to enter your wifi login password on webpages.
- Being forced to login to all your accounts again.
- Websites not displaying the green padlock and (SECURE) in the URL bar.
I hope this article has help give you an insight on how hackers work and what to do the secure your network from malicious attacks.