Your Wi-Fi router may be vulnerable to hacking. Research by the National Institute of Standards and Technology found up to 209 security flaws in routers in 2022. These flaws leave your routers open to exploitation.

One of the latest examples happened in mid-2023, when the FBI and other security offices announced a hacking group called BlackTech targeted Cisco routers.

Luckily, you can prevent router hacking. I know because I’m a tech expert with more than a decade of experience. I contacted Josh Amishav, founder and CEO at Breachsense, a data monitoring service, to provide you what you need to know to keep your router safe.

How Do Hackers Get Control of a Router?

Hacking a router is a lot like hacking your computer. The criminals typically target weak passwords or security settings. Once they access the router, they use malicious code (malware) to access your network.

Why Do Hackers Want Control of Your Router?

When bad actors hack your router, it’s easy for them to access anything connected to it. This includes security cameras, computers, smart TVs and even appliances. With access, they can watch you through your cameras, gain access to banking accounts and more.

They can also use your internet connection to do nefarious things, like sending phishing emails or hacking into other people’s tech or accounts. Tracking their activity is harder because it’s traced back to you, not them.

“Controlling the router allows malicious users to monitor, capture and manipulate the data being sent and received,” Amishav says. “They can redirect users to malicious websites or spread malware to other devices. Attackers can also exploit compromised routers to attack other systems and mask their true IP address using the victim’s network.”

An example of router malware

VPNFilter is one of the most popular types of router malware, responsible for more than half a million attacks. It spreads to any tech connected to routers, collecting personal information like account passwords, banking information and social security numbers.

How To Tell if Someone Hacked Into Your Router

internet connection with wlan router in home officedeepblue4you/Getty Images

There are several clues to look for:

  • Slow computer or internet speed: Malware can reduce the performance of your tech. It’s one of the surest signs your network may be compromised.

  • Your passwords don’t work: If it happens all of a sudden, that may mean hackers have changed them.

  • Website redirects: Scammers may redirect your browser to fake or malicious sites that can infect your system with even more malware. These sites can also trick you into entering personal information, like your Social Security or bank account number.

  • Fake antivirus notifications: This one is tricky. By making you think you’re infected, they infect you. The goal: Getting you to download protection against the supposed virus. Instead, you’re really downloading malware. Or they may trick you into buying fake antivirus software.

  • New apps or software: If you notice new apps or software on your computer, tablet or phone and you’re sure you didn’t download it, your network may be compromised. Hackers may have installed these items to infiltrate your tech.

  • Unfamiliar devices: If you log into your router’s administrator interface and see devices connected you don’t recognize, you’ve probably been hacked.

How To Prevent Getting Hacked

While getting hacked can seem scary, there are several ways to protect yourself and your router. These include changing your passwords, updating your router and adding security measures.

Your first line of defense is your password. “Many users do not change the default login credentials of their routers,” Amishav says. “If a hacker knows or can guess these credentials, they can gain access.”

When you change your admin password, make sure it isn’t something easy, like a birthday or the name of your child. Random numbers, letters and symbols are your best bet.

Also, change your Wi-Fi password while you’re at it. If you don’t know how to change passwords, do an online search with the name of your router and “how to change admin password” to get instructions.

Outdated router firmware is another common issue, according to Amishave. Vulnerable firmware can be exploited to gain unauthorized access. Make sure to update your router once a month.

Here are more steps to make your network less vulnerable to hacking:

  • Make sure to disable any remote management functionality.

  • Use WPA3 or WPA2 encryption for your Wi-Fi. If your router is older, it may only use WPA and WEP encryption. In that case, upgrade to a new router with WPA3 or WPA2 encryption.

  • Disable Wi-Fi Protected Setup (WPS) and Universal Plug and Play (UPnP) options in your router settings. This will make it harder for hackers to get access.

  • Consider setting up a guest network for visitors or untrusted devices. This will prevent others from having your main password, protecting your network from malware that may be on your friend’s computers or phones.

  • Ensure the router’s built-in firewall is enabled.

  • Consider using a VPN on your router for increased privacy and security.

What To Do If You’ve Been Hacked

If you think you’ve been hacked, take these steps:

  • Log in to your router’s administrator interface and disconnect any unfamiliar devices from your network. Then reset your router to factory settings.

  • Change the password to your router. Make sure it’s a strong one with numbers, letters and symbols.

  • Scan your system with antivirus software to catch any malicious code. Don’t think just rebooting your router will get rid of it. Router hacking malware has been designed to outlast reboots.

  • Download any updates to your router’s firmware from the manufacturer’s website. Then report the hack to the FBI’s Internet Crime Complaint Center.