Internet penetration in Kenya is currently at 3.9 million users and rising fast. This roughly translates to 10% of the total population. The widespread availability of broadband internet, Government support and relatively low cost of hardware means that more Kenyans are accessing the internet. Internet connectivity will eventually become common, at least in the urban areas.
However in the rush to setup networks at home or work, many Kenyans are leaving themselves open to attack. The biggest risk is coming from routers, a network device that handles message transfers between computers.
Attacks against the routers we use are different from the common hack. A common attack is where your computer is compromised after downloading something you shouldn’t have downloaded for example pornographic material.
In the router attack malicious code infects your computer through a download. Immediately you do this the malicious code seeks and attacks your router, not your computer. This code changes the router settings which govern the way your router connects you to the internet and to other computers.
So every time you go online, instead of your traffic going directly to your desired website it is diverted. Just like a diversion on the highway, your data traffic is sidetracked through a hacker’s computer.
This means that the hacker can see all your data traffic. For instance, when you type your e-mail username and password, the hacker can not only view but can also store this vital information. Your data is then re-routed back to its designated destination. This makes it very hard for you to detect the diversion.
The best way to protect your router is by simply changing the default password. When you buy a router it comes with a default password that locks access to the configuration settings. This factory password is however generic and is usually as simple as the word password.
This default password must be changed and if you are also using a wireless network you should also change the name of your network. Harden your router by also using WPA or WEP encryption which most routers support.
Malicious codes that attack routers are akin to burglars patrolling for houses that have weak door locks or open windows. By not changing the factory password of your router and not using encryption you are leaving a spare key under the door mat hoping no one will ever look there.