Articles on TechRepublic - Wednesday, August 7, 2019 at 8:53 AM
Why do so many wireless routers lack basic security protections?
Many popular routers include security flaws, but here are some tips on how to
secure your wireless router, according to Consumer Reports.
Despite increased attention on cybersecurity in the enterprise and at home,
many popular wireless routers still lack basic security protections, according
to a new
report<https://www.consumerreports.org/wireless-routers/wireless-routers-lack-basic-security-protections/>
from Consumer Reports' Digital Lab initiative.
More about cybersecurity
The Digital Lab studied 29 routers (20 traditional and nine mesh) and evaluated
them for about 60 different security and privacy practices, as well as 100
other data points to evaluate speed, ease of use, and other factors.
SEE: Securing IoT in your organization: 10 best practices (free
PDF)<https://www.techrepublic.com/resource-library/whitepapers/securing-iot-in-your-organization-10-best-practices-free-pdf/>
(TechRepublic)
Routers "are the conduit through which all of your data travels, so it's
crucial that we look closely at how they handle security," Robert Richter, who
oversees security and privacy testing for Consumer Reports, said in a blog post.
Security issues discovered included:
* 20 routers allow users to change the password, but not the username, of
their web apps, which are used for changing settings including the Wi-FI
password
* 20 routers don't protect against multiple failed login attempts,
potentially allowing a hacker to use software that cycles through passwords
until one breaks in
* 11 routers allow users to set very weak passwords (those with fewer than
eight characters, or that lack any complexity). One does not require users to
change the default login credentials of "admin" and "password"
* Two-third of routers had the networking protocol Universal Plug and Play
(UPnP) turned on by default, which has a history of security vulnerabilities
* 11 routers don't support automatic software updates
* Few router manufacturers state how long they will provide firmware
updates for
"Many of the problems we found were simple but meaningful—and they should be
easy for manufacturers to fix," Richter said in the post.
In terms of performance, 18 of the 20 traditional routers tested earned a score
of Good or better for throughput over distances of about 28 feet. All nine mesh
routers earned a score of Good or higher for midrange and far-range throughput
at a distance between 44 and 100 feet, so if you have a larger area that needs
consistent coverage, that may be the best choice.
The traditional routers that scored well on security, privacy, and performance
include the Synology
RT2600ac<https://www.cnet.com/reviews/synology-rt2600ac-review/> and the
Netgear Nighthawk X10
AD7200<https://www.cnet.com/products/netgear-nighthawk-x10-ad7200-smart-wifi-router/specs/>.
The mesh routers that scored highest across the three categories included the
Netgear Orbi<https://www.cnet.com/reviews/netgear-orbi-wifi-system-review/> and
Eero<https://www.cnet.com/reviews/eero-wi-fi-system-review/>.
SEE: Special report: Cybersecurity in an IoT and mobile world (free
PDF)<https://www.techrepublic.com/resource-library/whitepapers/special-report-cybersecurity-in-an-iot-and-mobile-world-free-pdf/>
(TechRepublic)
How to secure your router
No matter what internet router you have in your office or home, there are
several steps you can take to make sure it is as secure as possible, the report
noted.
Users can access their router settings (via the router's mobile app or web
interface) and do the following:
1. Set a strong password
2. Disable features you don't use, including UPnP, and turn off Remote
Administration/Management
3. Turn on automatic updates, or, if that's not an option, periodically check
for new software updates manually
4. Turn on WPA2 or WPA3 (if available on your router), and make sure WEP is
turned off
If your router is old and only supports WEP or WPA, or if it no longer receives
any updates, you need to purchase a new router, the report recommended.
For more, check out 5 popular home office network wireless routers: How do they
stack
up?<https://www.techrepublic.com/article/a-comparison-5-popular-home-office-network-wireless-routers/>
on TechRepublic.
Cybersecurity Insider Newsletter
Strengthen your organization's IT security defenses by keeping abreast of the
latest cybersecurity news, solutions, and best practices. Delivered Tuesdays
and Thursdays
Sign up today Sign up today
Also see
Image: iStockphoto/simpson33
https://www.techrepublic.com/article/why-do-so-many-wireless-routers-lack-basic-security-protections/#ftag=RSS56d97e7
David Goldfield
Assistive Technology Specialist
Feel free to visit my Web site
WWW.DavidGoldfield.info<http://WWW.DavidGoldfield.info>