Securing your home network and Wi-Fi

Your home network can be as simple as just using the broadband router that your Internet Service Provider (ISP) has provided you with, and you connect your devices via a cable or Wi-Fi.  It's important to familiarise yourself with how this device works as all of the devices you use connect to it.  If the router has weak security then your whole network does too. Cyber criminals could use your internet connection or devices on your network to leverage access and potentially carry out illegal activities as if they are you, or access sensitive information that you send or receive online.  Take the following steps to better secure your home network:

Secure your router

  • Change the default username and password to log into your ISP’s router.  Default usernames such as “admin”, and passwords such as “password” are not secure.  Attackers will know the default username and passwords for most standard devices and can exploit this to get into your home network.
  • Any other network devices such as wireless repeaters, wireless access points, and powerline Ethernet adapters will more than likely need their default username and password details changed to make sure that they are secure from any intrusion. 
  • The following are a sample of Internet Service Providers’ help articles on how to change the default log in account details for their routers: BT / Vodafone / Sky / Talk Talk / Virgin Media
  • Know what devices are connected to your network. Some network providers will have functionality built into their routers they provide you with to enable to see this in real time and even set up friendly names so that you can remember what they are if you have a lot of devices connected.  Investigate and remove any unrecognised devices from the network if you wish to be on the safe side.  Free 3rd party tools are also available which can help you with this such as the “Fing” app. 
  • Ensure automatic updates are enabled on your internet router if this option is available. You will need to log into your router to check.
  • Turn your router’s Firewall on - Most internet routers come with a built in firewall.  It's worth researching if your router has a firewall feature built into it and make sure it is turned on. Ask your provider if in doubt.

Secure your Wi-Fi

Because Wi-Fi signals are better than ever, your Wi-Fi connection can be reached outside your home. There are simple steps you can take to help make it more secure and to protect your devices that are connected to it:

  • As with default login passwords for your router, it is also important to change the default Wi-Fi password on your router to a strong password that is also easily remembered by you and other members of your household. 
  • Change your network name (called “SSID”) so that it does not contain your Internet Service Provider’s name in it, such as VODA4321, or BTHUB123 for example, you are immediately giving away what type of router you are using and this will make it an easier target for criminals.  Consider also configuring your router so it does not broadcast the SSID at all.
  • Make sure that you use “WPA2” or the newest “WPA3” as your Wi-Fi network encryption method. You will need to log into your router to check this is the connection security that is being used.  “WEP” and “WPA” are older and less secure, and should not be used. Never set your Wi-Fi network to “Open”.
  • Keep smart devices separate - Consider setting up smart devices such as speakers, light bulbs, plug sockets etc, on a separate network so that they are kept separate from devices that store private data, such as your PC.  Most home routers will have a “Guest” Wi-Fi network which would keep devices separate from your ordinary network.
  • Consider enabling a guest network for actual guests as well, rather than letting guests use your main network name with all of your trusted devices on it. 

Public Wi-Fi

Public Wi-Fi hot spots could be set up by anyone.  Often cyber criminals set up rogue access points in order to lure people into accessing the internet for free, but they could potentially access all of the information you send and receive while using it.

  • Wherever possible, use well-known, commercial hotspot providers such as BT OpenZone for example.
  • Ensure you have an up to date antivirus and firewall package on your device before you use public WiFi hot spots. 
  • Avoid using public Wi-Fi to access sensitive information such as e-banking. 
  • If possible, use your own mobile internet (3G/4G/5G) as this is more secure than using an untrusted Wi-Fi hot spot. 

 

Resources

Secure Your Home | NI Cyber Security Centre

Wireless Networks & Hotspots - Get Safe Online

Individuals & families - NCSC.GOV.UK

Secure home working on personal IT - NCSC.GOV.UK