Home Wi-Fi security is as bad as PC security in the 90s

Nearly three out of four internet-connected households in the UK are at risk of getting attacked through their wireless router, according to a recent study by Avast Software.

“Unsecured routers create an easy entry point for hackers to attack millions of home networks in the UK,” said Vince Steckler, CEO at Avast. “Our research revealed that the vast majority of home routers in the UK aren’t secure. If a router is not properly secured, cybercriminals can easily gain access to an individual’s personal information, including financial information, user names and passwords, photos, and browsing history.”

Avast found that more than half of all routers are poorly protected by default or common, easily hacked password combinations such as admin/admin or admin/password, or even admin/no-password. Surveying more than 2,000 households in the UK, researchers found that an additional 23% of consumers use their address, name, phone number, street name, or other easily guessed terms as their passwords.

One of the biggest risks on any Wi-Fi network is DNS hijacking. Malware is used to exploit vulnerabilities in a user’s unprotected router and surreptitiously redirects the user from a known site, such as a bank website, to a fake site that looks just like the real thing. When the user logs in, thieves capture the user’s login credentials and then use them to access the real site.

“Today’s router security situation is very reminiscent of PCs in the 1990s, with lax attitudes towards security combined with new vulnerabilities being discovered every day creating an easily exploitable environment. The main difference is people have much more personal information stored on their devices today than they did back then. Consumers need strong yet simple-to-use tools that can prevent attacks before they happen,” said Steckler.

According to the survey, less than half of British people strongly believe their home network is secure and 15% of respondents reported that they have fallen victim to hackers. Survey respondents reported that the consequences of a breach could be severe, and reported that they are most concerned about their bank or financial information being stolen (43%), losing their personal information (32%), getting their photos hacked (11%), and having their browsing history stolen (11%).

Despite concerns, people aren’t good at protecting themselves:

  • 15% of respondents don’t know if they use a solution to protect their home network and 9% are certain they don’t use one
  • 19% of respondents use the same username and password for their router as they do for their password-protected websites
  • 37% use the default password on their router and another 12% aren’t sure if they use the default password
  • Only 37% take steps beyond using a basic firewall to protect their network.