According to recently leaked documents, the CIA has been hacking numerous Wi-Fi routers to monitor a wide range of users for years.
The files point to the CIA's hacking body called Engineering Development Group, whose members have been allegedly targeting home, office, and public devices.
Notably, one part of the documents (PDF) highlights a tool named "Cherry Blossom." Basically, it allows the user to not only keep unsuspecting targets under surveillance but also access personal info such as phone numbers and email addresses and even redirect their browsers.
Now it's no mystery that routers aren't exactly the most secure devices around, despite serving as a central hub of sorts for networks. That said, here are some ways to prevent hackers from breaking into your personal space.
Change Your Admin Username, Password, And SSID
As a fairly obvious measure, it's recommended to change the router's admin username and password the second you finish setting it up for the first time. That's because the default credentials are practically public knowledge.
By the same token, the SSID also gives away your router type, possibly giving hackers a free pass to it. For instance, a Linksys or Netgear device will have a network name that contains "Linksys" or "Netgear" respectively and sometimes the model number.
In other words, it only takes a little know-how for anyone who's within the signal's range to tamper with the device, unless the aforementioned details are changed.
Use A Strong Router, Avoid The Ones Provided By Your ISP
Sure, it's convenient to just use ISP-provided routers since the companies themselves will typically set things up, but most of the time, they're not what you'd call secure.
Devices like those usually have credentials and other settings that users can't change, not to mention that they don't receive timely security patches as often as other routers.
To be on the safe side, avoid the routers that have been targeted by Cherry Blossom.
Sign Up For A VPN
VPN stands for Virtual Private Network, and if the name hasn't given away its purpose, it's an effective way to stay anonymous online by creating a tunnel between your computer and the internet via a service provider's server.
Put simply, you'll be seen online from another location, which is usually in a different country, but that depends on where the third party's server is.
It's worth noting that you can access certain geo-blocked websites through VPN too.
Turn On Firewall
As another self-explanatory measure, turning on your router's firewall is one of the basic methods of staying safe online.
Typically, you can flip the switch — if it's not automatically set, that is — through the router's settings.
On top of that, turn on your PC's firewall too, for good measure. If the default feature on Windows doesn't seem enough, there are a ton of available software in the market, but in contrast, they come with additional costs.
Turn On WPA2
WPA2 or Wi-Fi Protected Access is arguably a must-do. Why? It's simple: it provides encryption.
How to enable it depends on your router's manufacturer, though, so it's recommended to make your way to your brand's support website if you can't find it in the settings.
A word to the wise: the option usually shows up as WPA2-PSK on modern routers.
Update Your Router
Even though it seems so basic, regularly updating your router will do wonders in the long run.
Manufacturers send out new firmware versions that patches up security flaws that unscrupulous individuals unearth, and as long as your router stays updated, you're likely safer than usual from hackers.
It should be pointed out that while certain routers automatically download and install updates, some do not, so head on over to the settings from time to time and check if there any available.