So, your router has been compromised. Resetting the hardware is the greatest remedy, but does that make it secure once more? What you should know is as follows.
The first recommended action is frequently to turn off and then turn back on your router if you fear it has been compromised. But does a straightforward reset actually restore your router’s security? The majority of the time, the answer relies on how you reset your router and what you do next afterward.
How to Tell if Your Router Is Hacked
The most typical indications of a router breach should be known to everyone. Remember that each of these symptoms could indicate a variety of problems when considered separately, but if you see any of the following for an extended length of time, you should look into the cause:
- Browser redirections: If your browser keeps redirecting you to websites you’re not trying to visit, there’s a good chance that either your network or device is hacked.
- Router login issues: If the password for your router admin account is suddenly different, hackers may have changed it to keep you out of your own network.
- Slow internet connection: Every internet connection experiences slowdowns but, if your connection is unusually slow for extended periods of time, you want to investigate the issue
- Unknown IP addresses: Assuming you can still log in to your router admin account, seeing unrecognized IP addresses connected is a key indicator that your router is hacked.
- Suspicious messages: If you receive ransomware messages, fake antivirus notifications, increased pop-ups, or other suspicious messages, this could indicate your network and/or device is compromised
Keep an eye out for suspicious activity and regularly check which devices are connected to your Wi-Fi network. Hopefully, an unexpected connection simply means a cheeky neighbor has guessed your Wi-Fi password. But, if they can access your network, what’s stopping experienced cyber criminals?
Will Resetting the Router Boot Out Hackers?
Resetting your router cuts all connections and reboots from scratch, including any hacker connections. However, if your router reboots with the same login credentials, nothing is stopping hackers from reconnecting or logging in to your system again.
To boot hackers out of your system–and keep them out–you want to reset your router and change your credentials (router login name, router password, network name and network password).
This way, you’re booting hackers off your system with the reset and preventing them from regaining access by changing your login credentials. Unfortunately, this won’t undo anything malicious hackers have already done with your device, data, etc.
This is why it’s important to regularly check for unrecognized connections and take action quickly. Also, you should regularly perform router reset cycles as part of your online security strategy.
How to Reset a Hacked Router Properly
If you suspect your router has been hacked, follow these steps immediately to properly reset your device
1. Perform a Factory Reset
The first thing you want to do is reset your router to its factory settings. This reverts all of your router’s settings to their original state, including router login name, router password, network name and network password–as well as anything else hackers may have changed.
This is most effective when you’ve changed your credentials from their factory defaults before hackers gain access. In these instances, a factory reset will cut the hacker’s connection and prevent them from regaining access with the same credentials.
2. Update Your Router’s Firmware
Before you change any credentials, make sure your router’s firmware is updated to the latest version. A factory reset will also revert your router to the original firmware version it shipped with, so you’ll need to manually install the latest update.
Most firmware updates patch security vulnerabilities, so you always want to make sure you’re running the latest software. Again, you should regularly check for router firmware updates as part of your home network security strategy
3. Change Your Router’s Login Credentials
With your router reset and running the latest firmware, it’s time to change your access credentials. First, you’ll want to change the login name and password of your router, which gives you access to the administration software.
Type your router’s IP address into a web browser and use the default login credentials to access the administration panel. The layout and available settings in router software vary from one manufacturer to the next.
All manufacturers allow you to change the password for your router and some also allow you to change the login name, too. The most important thing here is to choose a secure password that’s easy to remember but difficult for hackers to crack, even if they’re using automated programs.
4. Change Your Router’s Network Name (SSID)
Next, you should change the name of your internet network, which is called the service set Identifier (SSID). This is the visible network name nearby users can see on their devices when they look for networks within reach.
Changing this will make it harder for hackers to identify your network, and it also sends a signal to others that your network is secure. Default network names can make you an attractive target to hackers because they suggest other default settings will remain in place and overall security is weak.
If you want to step up security even further, you can change the SSID for your network and, then, hide your Wi-Fi network to stop it showing up in the list of available networks for nearby users.
5. Change Your Network Password
Once you’ve set an SSID, you’ll want to create a new password for connecting wirelessly to your network. The field for defining your wireless password could be located in several places, depending on the router you’re using
A lot of manufacturers group the network name and password fields together, but you might have to look elsewhere–for example, the security certification settings section.
6. Disable Remote Management
Remote management is a common feature that allows users to access your router from anywhere in the world. This allows you–and, potentially, anyone else–to access the admin account using the login name and password you’ve set (or default credentials if you haven’t changed them).
This is a major security weakness, but most routers allow you to disable remote management or limit the devices that can access it. For example, you can normally limit access to one device or a set of devices using their IP addresses.
7. Turn Off Wi-Fi Protected Setup (WPS)
Wi-Fi Protected Setup (WPS) makes it easier for new devices to connect to a network without providing a password. If you look at your router, you might notice a button labeled WPS. Pushing this button temporarily allows nearby devices to connect to the network without selecting the network on their device or typing in a password.
WPS is a convenient feature if you have many devices connecting to your network, but it’s also a security risk. If a lot of people have physical access to your router, you should turn WPS off. You can always create a guest network for people to access without a password if you want people to connect easily to your network
What Should You Do After Resetting a Hacked Router?
After resetting a hacked router and changing your login credentials, you should take the following steps:
- Verify the devices that are linked to your network:Check whether devices are currently connected to your Wi-Fi network by logging into the router’s admin panel and making sure nothing unrecognized is there.
- Keep a look out for the indications that a router has been compromised that we previously addressed, especially the ones that initially caused you to have doubts.
- Check for malware on your devices:Check all of your devices for viruses, malware, and other dangerous programs that hackers might have used to target you by using reputable anti-virus software.
- Check to see if any of your personal information has been compromised:Look for any indications of data breaches, such as odd login attempts, unusual account activity, password changes you didn’t create, etc., as hackers may attempt to obtain your personal information (email addresses, passwords, payment details, etc.). Additionally, if you haven’t already, enable security measures like two-factor authentication.
- Watch out for any suspect payment activity: Some hackers will target your bank account directly, so keep a watch out for any questionable payment activity, especially any paid activity on subscription accounts.
You can recheck the security of your router by performing these procedures. Second, you’re looking into any possible damage that hackers may have done while using your router and you’re taking precautions to reduce any danger.
Keep Your Router Safe from Hackers
When it comes to cybersecurity, preventative steps are always the best course of action. In terms of home networks, hackers typically seek out targets that are simple to attack. Protecting your network deters most hackers from even attempting to access it, in addition to making it more difficult for them to do so.