Categories
IT Security Outsourced IT

Router Security

What is Router Security?

A router is device that connects two or more packet-switched networks or subnetworks. Packet switching is a method of grouping data into packets that are transmitted over a network. Routers serve two primary functions: managing traffic between networks by forwarding data packets to their intended IP addresses and allowing multiple devices to access the same internet connection. There are many types of routers, but the majority of routers pass data between LANs (local area networks) and WANs (wide area networks).1 A LAN is a group of connected devices restricted to a specific geographic area and typically only requires a single router. WANs are large networks spread out over vast geographic areas. A large organization with multiple locations across the country might have separate LANs for each location; the LANs connect to other LANs to form a WAN. Due to the geographic area being large, a WAN often requires multiple routers and switches.

In order to connect a LAN to the internet, a router must first communicate with a modem. The two primary methods for a router to connect to a modem are:

Wireless router. A wireless router uses an ethernet cable to connect to a modem. It converts packets from binary code into radio signals and then wirelessly broadcasts them using an antenna in order to distribute data. Wireless routers establish WLANs (wireless local area networks) to connect multiple devices in the network to the internet.

Wired router. A wired router uses an ethernet cable to connect to a modem, and it then uses separate cables to connect one or more devices with the network, creating a LAN, and then links the devices within the network to the internet.

Specialized routers include:

Core routers are used by large organizations that transmit high volumes of data packets within their networks. They operate at the core of a network and do not communicate with external networks.

Edge routers are used to communicate with both core routers and external networks. They live at the edge of a network and use the BGP (Border Gateway Protocol) to send/receive data from other LANs and WANs.

Virtual routers are software application that perform the same function as a standard hardware router. It may use VRRP (Virtual Router Redundance Protocol) to establish primary and backup virtual routers.

Recent research has found over 200 bugs in Wi-Fi routers made by nine popular manufacturers including Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys.2 Most of the vulnerabilities were linked to outdated software, underscoring the importance of keeping router firmware up-to-date with the most recent patches. Cyberattacks associated with routers include:

Vulnerability exploits. Unpatched routers can be compromised attackers, allowing them to monitor traffic or use the router as part of a botnet.

DDoS cyberattacks. DDoS cyberattacks overwhelm routers or cause them to crash.

Administrative credentials. If routers are left with the default administrative credentials such as “admin”, a cyberattacker can use them to gain control of the router remotely.

1 Cloudflare, 2021, “What is a router?”

2 Sharma, 2021, “Pretty much all Wi-Fi routers are vulnerable to attack, study finds”