An unprotected or poorly protected home router can enable unauthorized intrusion into Finnish information systems. With five easy measures, you will at least reduce the possibility that the router found in your home will end up as a spying tool.
The Protection Police has instructed Finns to take care of the data security of home routers. Supo considers old and unupdated devices to be a threat to national security.
In its announcement on Thursday, Telia said that the biggest threat is routers that are more than five years old, for which security updates are no longer available. There are hundreds of thousands of such devices in Finnish homes.
An unprotected device can be used for spying
According to Supo, insufficiently protected consumer devices can be used in cyber espionage.
An ordinary Finn himself is hardly the target of Russian or Chinese cyber-espionage, for example, but a poorly protected device can still end up as part of the espionage apparatus and thus the citizen may unknowingly assist in the realization of criminal intentions.
– If there is an unprotected device connected to the network at home, an external party can penetrate Finnish information systems through it, Telia’s head of device business Markku Saranpää said in a press release on Thursday.
Supo: Get a router from your telecom operator
In what ways can the consumer make sure that the device found at home does not pose a risk to national security?
According to experts, router security is primarily affected by the control panel password, wireless network protection, software updates and the age of the device.
The security police recommends getting a router from a telecom operator. Newer devices purchased from operators are updated automatically, and the user does not necessarily have to bear the same concern for their data security as with older devices purchased elsewhere.
“Telecom companies take care of the safe settings and maintenance of the devices they offer, but in devices purchased by consumers from the store, the responsibility for safe settings and maintenance rests with the consumer himself,” the protection police said in a press release.
The router’s settings are changed via the device’s control panel. From the instructions of the experts at Telia, DNA and F-Secure, we selected the five most essential changes that should be made to the router’s settings in order to avoid the most common pitfalls.
How to access the control panel?
The router’s control panel is a web page that can be opened with a computer or phone browser, through which it is possible to change the router’s settings.
There are hundreds or even thousands of different routers from dozens of different manufacturers on the market, so clear instructions for accessing the device’s control panel or changing settings cannot be given.
Typically, however, the address of the control panel can be found on the label on the bottom of the router, which also tells you the login credentials. If the information is not on the bottom of the device, it can be found in the instructions that came with the device at the latest.
The settings in the device’s control panel are also generally similar.
You can find instructions for network devices sold by operators via the links below:
If you need more help, you can check the make and model of your device on the bottom and contact, for example, the place where you bought the device or your telecom operator.
I got to the control panel – what do I do?
1. Set or change the control panel password
The control panel password protects the control panel itself so that no one outside can change your router’s settings. A good password is unique, difficult to guess, long enough and contains not only uppercase and lowercase letters and numbers but also special characters. For example, “admin” is not a good password, as it is a typical default password and meant to be changed to a stronger one.
2. Protect your wireless network
The control panel password is not the same as the wireless network password. The network password is the password that, for example, a new computer, phone or tablet asks when connecting to the network for the first time. Also set a password for the wireless network. The password instructions described above also apply to the wireless network password.
In addition to the password, the network’s WPA protection should also be turned on. Typical options in the network security settings are the newest and most secure WPA3 Personal and the older WPA2. However, you should not set WPA3 protection unless all your devices support it. If you also use older devices that do not have WPA3 support, choose WPA2 as protection.
The firewall is on by default in many devices, but if it is not, you should turn it on in the control panel settings. A firewall alone is not enough to protect your network, but according to F-Secure, it is an excellent way to improve the protection of devices connected to the network.
3. Give the network a unique name
Avoid using default wireless network names or other common names, such as the device manufacturer’s name. For example, Linksys, Netgear, Asus and Dlink are router manufacturers.
The default names hide the risk that, for example, someone else in an apartment building might use a similarly named network, in which case the devices might try to connect to the wrong network.
However, do not give the network your own name or any other name that can be associated with you, so that you do not provide a potential intruder with valuable information to facilitate breaking into the device.
4. Update the router software
It is also possible to update the device’s software via the control panel. If a new software version is available for the device, it is important to update it without delay. New software versions include security updates and patches for known vulnerabilities, among other things. Even if you have just updated the software and a new version is available, it is worth installing it without delay.
If the software of the device is up to date, it does not mean that the device is safe. If the software has not been updated for years, but there is still no new update version available, it may be that the device is already so old that it no longer receives software updates. Using such a device is a data security risk, so purchasing a new device is recommended.
5. Prevent remote access
According to F-Secure, remote access to the router should be turned off from the control panel. Remote use means that you can also connect to the device via the internet. However, this exposes the router to unauthorized use.
Sources: Finnish Security Intelligence Service, Telia, DNA, Apple, F-Secure, Portnox