But with some quick action and maintaining good habits, you can stay safe online.  

New guidance from the National Security Agency (NSA) and the FBI urges Americans to take simple but critical steps to secure their routers following a major cyber operation linked to Russian intelligence. 

Even if your router was provided by your ISP (Internet Service Provider), such as your cable company, you should still unplug it, wait 30 seconds to a minute, then plug it back in to reboot it.  

The biggest takeaway? If you haven’t updated your router in the past week, reboot now!

Why the NSA is sounding the alarm

 U.S. cybersecurity agencies recently disrupted a network of compromised home and small-office routers (the NSA classifies these as SOHO) used by a Russian military intelligence unit known as the GRU. These attackers, sometimes called APT28, Fancy Bear, or Forest Blizzard, have been exploiting outdated and poorly secured routers to: 

• Steal login credentials 

• Intercept internet traffic 

• Target sensitive data tied to government, military, and critical infrastructure 

Importantly, these hacks don't just impact the big boys. You're a possible target even if you don't go online at home for work! The criminals often start with everyday home routers. One system the NSA said GRU targeted was TP-Link routers using CVE-2023-50224, but the government is encouraging everyone to reboot their routers. Also, if your router is listed on this TP-Link webpage, it’s time to unplug and replace it.   

Your router is a big deal

Think of your router as the front door to your digital life. If it’s not secure, attackers may be able to access: 

• Personal accounts 

• Work-related systems, especially if you work remotely 

• Smart home devices (i.e., your Internet of Things) 

• Your communications 

And unlike your phone or laptop, it's really easy to forget to update your router or to leave its default password… 

4 actions to do right now to secure your router 

Protecting yourself doesn’t require technical expertise. The NSA and FBI recommend a few simple steps. 

1. Update your router 

Router updates fix security flaws that criminals seek to exploit. Rebooting your router might be as simple as unplugging it from power, waiting 30 seconds, and plugging it back in, but you should check your router’s app, software settings, or official website for a more thorough reboot.  

• Log in to your router settings 

• Check for firmware updates 

• Turn on automatic updates if available 

If you take away one to-do item from this article, this is the most important!  

2. Change the default username and password 

Many routers still use factory logins like “admin" or "default." You guessed it: that’s an easy win for attackers. In some cases, the list of router default login info might be published online, like in digital copies of manuals! 

Your router password needs to be strong: at least 16 characters long, not reused anywhere, and a random mix of letters, numbers, and symbols. Store your router password securely in a password manager!  

3. Disable remote management 

Some routers allow access from anywhere on the internet, but this convenience comes with risks. 

In your router settings menu, turn off “remote access” or “remote management.” 

Only allow access from devices inside your home network. 

4. Replace outdated routers 

If your router is no longer supported by the manufacturer, it may not receive security updates. 

That makes it a sitting target.

Sorry to say, it's time to get a new router: 

• Check if your device is “end-of-life” 

• Upgrade if it no longer gets updates 

Of course, now you can get a shiny new router from a trusted manufacturer with excellent security! Check online review sources like Consumer Reports or Tom's Guide for recommendations.  

Restart your router for robust resilience! 

Restarting your router is a simple habit that helps. We recommend rebooting your router periodically—monthly is a good place to start. Also, turn on "automatic updates" in your router settings if possible. Rebooting matters because it can disrupt certain types of malware and clear temporary connections that attackers exploit. While rebooting isn't a silver bullet for cybersecurity, it's a great habit.  

Everyone should reboot their routers! 

Hackers don't just target big corporations. Nowadays, criminals are:

• Using home routers and devices as entry points 

• Exploiting basic security gaps in old software 

• Blending into everyday internet traffic 

The 10-15 minutes it takes to restart, reboot, and update your router is well worth the peace of mind. For more cybersecurity tips, sign up for our email newsletter! 

FAQs 

How do I know if my router needs an update? 

Log in to your router’s admin panel and check for firmware updates. If you’re unsure how, search online for your router model + firmware update. Only trust information available from the router manufacturer's website! You can reboot your router even if an update isn't available.  

How often should I update my router? 

We recommend turning on automatic updates if you can. Otherwise, check for updates every month.  

What happens if I don’t secure my router? 

Criminals may intercept your data, steal credentials, or use your network for malicious activity. 

Is restarting my router enough to stay safe?

No. Restarting helps, but you still need to update firmware and change default passwords.