To keep your electronic devices secure, it isn’t just important to be aware of cyberattacks that could arrive via emails or false links. You need to keep an eye on your router, which provides you with your Internet access, which has become a target for the cybercriminals.
Using these apparatuses as a way to launch attacks is becoming more and more popular and it has been brought to light by two Spanish organizations – the Instituto Nacional de Ciberseguridad (INCIBE) and the Oficina de Seguridad del Internauta (OSI).
They base their warnings on information registered by the INCIBE during the past few weeks. The experts at the organization have detected that the number of daily attacks targeted at routers have increased, reaching nearly 5,000. What the cybercriminals try to do is to install a type of malware on the device and make it form part of a network in which they carry out a denial of service attack (DDoS).
DDoS attacks use a series of computers and other devices with Internet access to saturate server requests where files are stored on a web page, which then stops working and remains inaccessible to others.
- Each router that was compromised had activated the option of remote administration, which permits access to users outside of the network, allowing any IP address to control its settings.
- Also, the INCIBE has indicated that the owners of these devices hasn’t modified the access details from the default settings (user name and password). By keeping the original default settings, it was very easy to access them remotely.
- These factors allow cybercriminals to modify the working options of the router and set up access to a local network. Later, they would only have to install the malware which makes it work as if it were a bot, carrying out massive attacks.
- One of the measures put forward by the OSI to avoid your router being attacked is to change the administrator details and to use better passwords.
- Also, it isn’t advisable to activate the remote administration unless it is necessary and, in this case, do it during as short a period as possible, so as not to give the attackers a chance to detect its vulnerability.
- Every router is configured the same, although the interface where you do it and the access options vary slightly depending on the brand. Changes are carried out from the web browser by entering the IP of the device (it comes in the manual, on the tags that are attached to it, or you can find it in the connection settings within the Control Panel).
Finally, if these tips reach you too late and your device is already infected, the best option is to reinstall the firmware (the program that controls the router) from a security copy.