How to protect your wireless router from malware

Your PC and your phone aren't the only devices that can catch an infection: The router that links them to the Internet may be vulnerable too

O D worries that other people, including criminals, can see his IP address. "What can happen if they come into my router?"

As I pointed out last year, your router's IP address is anything but a secret. Every website you visit gets a look at that number. And from that IP address, they can discover your ISP and your general location (your neighborhood, but not your address).

But can they infect your router with malware? It's not likely, but the danger is significant enough to take precautions.

[Have a tech question? Ask PCWorld Contributing Editor Lincoln Spector. Send your query to answer@pcworld.com.]

Last year, researchers discovered a worm, which they called TheMoon, that infected several Linksys routers. Linksys soon issued a fix to stop it. This wasn't the first such attack, and it will almost certainly not be the last.

Note that TheMoon infected only Linksys routers. I'm not picking on Linksys; the next attack could be on D-Link or Netgear routers. That's the nature of this kind of  malware-- it's manufacturer-specific. So chances are that a worm that tries to attack your router won't be compatible with it--and for once, you can be thankful for incompatibility.

What follows are the basic precautions everyone should take. For more details, read this helpful router security piece by Michael Brown and Jon L. Jacobi.

Finally, if you're really worried, hide your IP address by using either an anonymity browser like Tor, or a virtual private network (VPN) like CyberGhost.

Join the CSO newsletter!

Error: Please check your email address.

Tags networking hardwareLinksysNetworkingsecuritynetgearroutersD-Linkmalware

More about Linksys

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lincoln Spector

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place