If you still haven’t set up security for your WiFi network, on Friday 21st October 2016 there was a really good practical example why this is absolutely necessary. On that date, there was a highly orchestrated Distributed Denial of Service (DDoS) attack which took down or at least severely slowed down, some of the world’s most popular websites like Amazon, Reddit, Netflix, BBC, CNN and many more.
This attack was made possible because of unsecured WiFi routers and WiFi cameras, meaning if you haven’t set up WiFi security yet, it is time to learn. Not setting up WiFi security can lead to you getting your credit card details stolen, a neighbor using your WiFi network, but also hackers using your WiFi router to take down the Internet. You may feel that WiFi security is hard to set up and the only one who is losing is you if your details are stolen. Or you might feel that you don’t mind your neighbor using your WiFi. But the reality is that when you don’t set up WiFi security like a secure WiFi password and hackers use your router to take down the Internet, including everyone’s favorite news and entertainment sites, everyone suffers, not just you.
What is a Distributed Denial of Service Attack?
A distributed denial of service attack happens when a server has so much traffic that it simply stops working. You can see a similar result when you try and order a popular festival ticket or do online shopping on Black Monday, when, purely down to the sheer amount of traffic, the site stops working until it’s caught up with its tasks. In a DDoS attack hackers continuously ping data at such a speed that the target servers don’t have time to catch up and since many websites share the same servers if hackers hit one they can hit many.
How did Hackers Launch this DDoS Attack?
Over the previous month’s, groups of hackers had managed to distribute and install Mirai botnet malware on over 45,000 unprotected CCTV camera, DVRs and WiFi routers across 164 countries. Like any virus, Mirai’s mission is to duplicate itself and cause mischief. It does this in two ways:
- Locate and compromise IoT devices to further grow the botnet.
- Launch DDoS attacks based on instructions received from a remote C&C(Command and Control).
Then on October 21st, these hackers sent their instructions to take out any vulnerable server’s using an HTTP flood. It just so happened that Dyn’s DNS (Domain Name Service) servers were the most vulnerable.
This Sounds Worrying, is my WiFi Router Vulnerable?
The truth is that the moment you connect your devices to the Internet you are at risk from a hacker group, but you can – and should – do some basic things to secure your router and WiFi network. Think about your WiFi security like you would your basic home security. In the case of home security, most of us can’t afford to hire armed guards or buy extra strength glass, but we can remember to lock our doors and windows. If thieves rob our homes after we have locked our doors we know we tried our best. The same applies to your WiFi security, for which there are a bunch of things we can do with minimum effort and at no cost that will act as a strong deterrent to any hackers. If you do them hackers, just like thieves looking for open windows, will move on to easier targets.
How to Secure my WiFi Network?
- The most important thing is to make sure you change your WiFi password; leaving your WiFi network with the default WiFi password or no password is the equivalent of leaving your windows open wide. You should also change the password for your WiFi router management console, use WPA2 security, and change the SSID (name of your network).
- Disable UPnP (primarily used by torrent clients). This can allow remote access to your computers. Use NAT (Network Address Translation) if you need to allow ports in.
- Make sure your firmware is up-to-date. Most WiFi router manufacturers are aware of any bugs in their system long before you are, so don’t just use the out-of-the-box firmware.