Your router might be compromised by hackers, and you probably have no idea about that.
Australia has joined the US and UK authorities in naming Russia to be responsible for a series of cyber attacks that had affected millions commercially available routers worldwide in 2017.
“Based on advice from Australian intelligence agencies, and in consultation with our allies, the Australian Government has determined that Russian state-sponsored actors are responsible for this activity, which occurred in 2017,” Angus Taylor, Minister for Law Enforcement and Cyber Security, confirmed the news in his statement.
Australian, UK and US governments say that Russia has been secretly targeting network infrastructure devices, such as routers, firewalls, switches, and network intrusion detection systems, to access victims’ networks, spy on their communications, and possibly lay a foundation for future cyber attacks.
Australian Minister for Defense, Senator Marise Payne confirmed that up to 400 Australian businesses were affected by the Russian attack, but there’s no evidence that user’s information was compromised. While it looks that private data of Australians is safe for now, no one can guarantee there’s not going to be another cyber attack.
Mr. Taylor said that this hack clearly demonstrates that “every connected device is vulnerable to malicious activity,” which means Australian businesses and individuals must be vigilant about cybersecurity.
How Russian hackers broke into millions of routers all over the world
While this hack occurred a year ago, the danger is still present. According to the joint technical alert, issued by the US Department of Homeland Security and FBI and the UK’s National Cyber Security Center, the attacks were not that difficult to pull off as many network devices lack proper protection against remote intrusions.
Old devices are usually not encrypted, and their outdated firmware is not eligible to receive security patches, which are essential to resist hacking attempts. What’s more, unlike office computers and servers, network devices rarely receive regular maintenance, making them easy targets for anyone who wants to hack them. If a malicious actor manages to get access to an organization’s gateway router, they can easily monitor, intercept and control any traffic traveling to and from the organization.
How can you protect your router from cyber attacks?
The above-mentioned statement also provides explicit instructions to companies on how to configure their systems properly and how to apply necessary patches. It’s also strongly advised to update your software regularly. If you’re using a router provided by your internet service provider, it should update automatically. But just to be on the safe side, check your router’s settings to make sure everything is up to date.
Changing default passwords is crucial to protect your devices from being compromised. Come up with long, complex passwords, and never use the same combination for multiple devices or accounts. To maximize the security of your device, use two-factor authentication whenever possible.
Also, keep in mind that cybersecurity goes way beyond protecting your physical device. Hackers have many techniques to intercept your Internet traffic, especially if you connect your device to an unsecured public Wi-Fi. From there, they can snoop on your communications and steal your passwords or other sensitive information.
Therefore, regardless of whether you are responsible for securing your company’s network or simply care about your sensitive data, it’s recommended to use additional security tools, such as VPNs (Virtual Private Networks). A VPN creates a secure encrypted tunnel for your Internet traffic and hides your actual IP address (click to see if you are protected), keeping any data traveling between a VPN server and your device away from prying eyes.
Full-featured subscription VPN services, such as NordVPN, PIA, or TunnelBear, allow protecting multiple devices under one account. This is especially handy if you want to secure not only your smartphone, but also a laptop or a desktop computer at work or home. Another option is to set up a VPN on your home or work router, which will secure all devices connected to the same network.