A lot of users focus on what malicious software could attack their computers or devices but rarely keep in mind that routers are at the same risk as any other device. Routers hold a lot of sensitive data since several devices are connected to it. If the router is at risk, that automatically puts these devices at risk too. An external user through malicious malware can gain access to information such as your name, passwords, bank details, cards, etc. They can also gain access to media and other sorts of data stored both on the router and on the devices. Malicious malware is released on a daily basis that attacks vulnerabilities found in software such as those on routers. Although manufacturers release updates periodically, there are certain steps users can take in order to make sure that your router is protected from malware attacks.
Recently, VPNFilter is a type of malware designed to target routers and has been on the rise for several months. It can gather information from your router and can destroy your device remotely. There are some models that are more susceptible to this attack than others. Unfortunately, there’s no hard and fast rule that tells you there’s a malware attacking your router. You could log into the configuration page and check the DNS settings since a changed DNS server usually means that the router has been compromised. If the DNS server is set to automatic then that’s fine, but if it’s on manual and you don’t recognize the servers given, that might be a warning sign that there’s something wrong. A few steps you can take if you think your router is being attacked is either factory reset it or reboot it. Factory reset can be done by holding down the reset button present at the back of the router for about 15 to 30 seconds. Keep in mind this will remove all your saved data and settings. Secondly, you could simply just reboot the router which won’t necessarily kill the malware but will send it back to its initial stages.
To protect yourself, make sure your router is running on the latest firmware. You can check this by logging into the configuration page and checking for any updates. Also check the manufacturer’s site for any updates if you don’t find any on the configuration page. Make sure to also change the login and password for extra security so that nobody else has access to the configuration page.
Also, there’s an option for remote management on most routers. Make sure to turn this off since this will stop unwanted users from controlling the router remotely. Furthermore, turn off UPnP since it trusts all requests coming from within your local network, it can be used to change your DNS server. Hopefully, by following these steps you can not only keep your router safe from malware attacks but also the devices that are connected the router.