“There’s a war waging in every router out there”

Secret battles. Hotly contested territory.  Criminals gangs beating back other gangs to retain control.

This is war — in your router. If it’s not secure, it may be occupied. And not just by you.

The number of attacks on home routers has jumped dramatically, according to security company Trend Micro.

“There’s a war waging in every router out there,” said Trend Micro’s David Sancho.

Watch here:

Hostile Takeovers

The small plastic box in your home may not look or feel like a battleground. But inside, waves of criminal gangs may be fighting to own you.

“There’s actually a lot of criminals vying for control of your router. And you don’t even realize,” Sancho said. “You might be sharing ownership of the router with somebody else.”

The number of “brute force” — or password guessing — attacks on home routers jumped from 23 million in September to 194 million in March, Trend Micro reported.

Now, with many offices closed in the pandemic, people are relying on their own personal routers to keep them safe.

“We have increased our work from home capabilities, which means that all of our stuff is being transferred through routers — our home routers — not necessarily our beefed-up company networks,” said Kwadwo Burgee with security company Rapid7.

 

 A home router on a table. Image: Serezniy/iStock

Back and Forth

Once criminals get into your router, they may fight to protect it from other gangs.

“Competition is so fierce that criminals are known to uninstall any malware they find on targeted routers, booting off their rivals so they can claim complete control over the device,” Trend Micro warned.

“Being the only attacker on a machine is powerful,” explained researchers from security company Guardicore in a report.

The attacker would then get the most resources from your device, like bandwidth and processing power, the Guardicore report said.

For example, the gang running a malicious cyber campaign called Vollgar moves in and removes all traces of other crooks.

“The Vollgar attack chain demonstrates the competitive nature of the attacker, who diligently and thoroughly kills other threat actors’ processes,” Guardicore said.

Spoils of War

What can crooks do once they own you?

You could try to sign onto your bank website, for example, but the crooks could divert you to a fake bank page that looks just like yours so they can steal your password and your money.

They could sell your router on the dark web to attack other people in what is called a Distributed Denial of Service or DDoS attack.

They’ll use your device and thousands of others to bombard sites with web traffic and shut them down, like they did with Wikipedia last year, and to major sites like Twitter, Netflix, Amazon, PayPal and Reddit in 2016.

 

Dark web ad for a DDoS attack involving home routers. Image: Trend Micro

You’ve Been Framed

Your new overlords could also offer up your address, not your home address, but your IP or internet protocol address, so other crooks can commit cyber crimes under your name.

“They want to use your IP instead of theirs so there’s no way that whenever there’s a crime committed, it can be traced back to them,” Sancho told Archer News. “It will be traced back to you, the owner of the router.”

Plus, they could slurp up your work data and passwords — easier to hack now that you’re on your home router.

“They’re really not built with the same sort of protections as your enterprise devices, but now we’re using them for enterprise reasons,” said Burgee.

Win the Battle

How do you win back your router?

—Change the default password that comes on the device so attackers can’t just look it up online and own you

—Make that password long and keep it in a password manager

—Update your router

“If you update your router, you’re pretty safe,” Sancho said.

Sounds easy, right?

“The bad thing is people normally don’t update their router,” he said. “Because it’s working, it’s in a corner at home, it doesn’t bother me, it lets me go online. So, why bother?”

“At least we should strive to keep them updated as much as we can,” Sancho added.

How to Update Your Router 

Routers have many different ways of updating, depending on the brand.

Your best bet is to check your router brand and do a search online on how to update it. Follow the instructions step by step.

For example, ASUS instructions say you can go to their router website and look for a pop-up saying there is an update available.

—Click on Update Now

—Click on Firmware Upgrade.

In another example, Netgear instructions say you can go to their router website, log in, and follow these steps:

—Select ADVANCED > Administration or Settings > Administration.

—Select Firmware Update or Router Update.

—Click Check.

—If new firmware is available, click Yes.

Find more help on how to access your router and take steps to make it more secure in our article “Top four things you need to do with your home router.”

Some routers update automatically, others need to be updated by you.

Infected?

Your router may or may not show symptoms of a malware infection.

Your Internet connection may seem slow or the router may have other performance issues.

You might be cut off from certain parts of the Internet.

But routers can be asymptomatic and still be infected.

Choose Wisely

Router makers also need to work on their security.

Reports show many home routers have security holes that can let attackers in.

Some makers do better than others. You might want to choose your next home router not on the basis of price, but on how well it protects you and your home.

 

Main image: Metal robot holds cable and wrench. Image: Cavan Images/iStock



Leave a Reply