Is YOUR router at risk? Experts say most wireless internet devices are at risk of cyber-attacks. Here’s how to check yours

For most of us, WiFi in the home is as essential as keeping the lights on.

But experts are now warning that your connection to the internet could also give criminals access to your most sensitive information.

Research conducted by Broadband genius found that the majority of people have never taken simple steps to protect their routers from cyber attacks.

By leaving privacy settings and passwords as default and not updating critical security updates, people can leave their networks wide open to hackers.

Here’s how to check if your device is up to date with the latest security features and what to do if it isn’t.

Experts warn that majority of WiFi routers are at risk of cyber attacks that can be easily avoided (stock image)

Routers are the devices that allow us to connect to the wider Internet by acting as a gateway that passes information from one device to another.

They are the core of your home’s WiFi network, but most of us don’t touch them or even think about them after we connect them.

Broadband Genie surveyed 3,000 Internet users to see how they used their routers.

Their research found that more than half of respondents had never changed the factory settings of their device.

Oliver Devane, senior security researcher at McAfee, says: “Many default settings can be dangerous in the hands of cybercriminals.”

Furthermore, the survey found that the vast majority of people had never changed their WiFi network name or password.

A survey by Broadband Genie found that more than half of people had not changed any default settings on their WiFi router - compared to two years ago

A survey by Broadband Genie found that more than half of people had not changed any default settings on their WiFi router – compared to two years ago

How to update your router’s software with the latest security features

Most modern routers automatically update with the latest software, but some older models require manual updates.

To check your router’s settings, copy its IP address (usually 192.168.1.1) into the address bar of a browser.

When prompted, enter your administrator username and password. You can usually find this on the router itself.

Locate the router firmware update setting and check if any updates are available.

If possible, set updates to be downloaded automatically in the future.

Of those surveyed, 89 percent had never changed their network name, while 86 percent had never changed their administrator password and 75 percent had never changed their Wi-Fi password.

Depending on the make or model, your router may have a default name that may be publicly known.

If your WiFi network still has the default name, hackers can easily look up what password your network likely has and narrow down the range of possible guesses.

Mr Devane says: ‘Just like changing the lock on your front door, changing the default router password ensures that only authorized people can access your home network.’

Another serious security problem identified in the report is that approximately nine in ten people (89 percent) have never updated their router’s firmware.

Internet Service Providers (ISPs) regularly release updates that add new features, fix bugs, and fix security issues.

If these are not updated, hackers can use older, known security vulnerabilities to hack into the network.

Mr Devane said: ‘Cybercriminals are exploiting firmware bugs and vulnerabilities to gain access to your online information.

Leaving your router factory reset can make it much easier for hackers to gain access to your network (stock image)

Leaving your router factory reset can make it much easier for hackers to gain access to your network (stock image)

What should you change to keep your router safe?

Administrator login: This login gives access to all settings of the router, so you need to change the password to a secure password to allow only authorized users access.

Network name (SSID): The name of our WiFi network is a giveaway to hackers as to which brand and model of router you are using. Change the name to something that doesn’t include your router model or broadband provider.

Wi-Fi password: The default password may be known for certain makes or models.

Disable remote management: Many routers offer a remote management feature. This is an advanced setting that you will probably never need.

Update your router firmware (software): This is the operating system of your router; manufacturers will implement updates for safety and efficiency. Most modern routers do this automatically, but some older models may require you to do this manually in the controls.

Source: Alex Tofts, strategist at Broadband Genie, for MailOnline

“Keeping the firmware up to date with the latest security patches will prevent this from happening.”

Fortunately, most modern routers will automatically check for and install updates when connected to the Internet.

However, if you have an older model, it may be up to you to ensure that your network receives all necessary security updates.

If your network is compromised, hackers may be able to intercept information such as banking information or medical information sent over the network.

Unscrupulous neighbors can also simply gain access to an unprotected network to avoid paying for their own network.

Most ISPs make it easy for users to see what devices are connected to their network, making it possible to find out if someone is connected who shouldn’t be.

However, Broadband Genie’s research found that 75 percent of people had never taken the steps to see who was connected to their WiFi.

To check your router’s settings or change your passwords, you’ll need to navigate to your WiFi router’s online configuration page.

To do this, open an internet browser on a device connected to your WiFi network and enter the IP address of your network in the address or search bar.

The IP address for most routers is 192.168.1.1, but if this doesn’t work, you’ll need to look up your router’s address.

Once you enter the IP address and press Enter, you will be taken to the login page where you will be asked to enter your router’s username and password. This can usually be found on the sticker containing the default password.

The vast majority of people had not changed their router's administrator password in 2024 (right). The number of people had fallen from 16 percent to 14 percent in the past two years

The vast majority of people had not changed their router’s administrator password in 2024 (right). The number of people had fallen from 16 percent to 14 percent in the past two years

This comes after the WiFi network in 19 of Britain's largest train stations was hacked, highlighting the vulnerabilities in easily accessible wireless networks

This comes after the WiFi network in 19 of Britain’s largest train stations was hacked, highlighting the vulnerabilities in easily accessible wireless networks

Something as simple as changing your Wi-Fi password makes it harder for hackers to access your network, but only 28 percent of people said they had done this in 2024

Something as simple as changing your Wi-Fi password makes it harder for hackers to access your network, but only 28 percent of people said they had done this in 2024

From there, you should be able to navigate through the settings to change your passwords and network name or install any necessary updates, Broadband Genie says.

You may need to consult your ISP’s website for more specific information about where to find these settings.

If you unexpectedly find a device on your network or believe you have been the victim of a cyber attack, it is important that you take steps to secure your network.

First, disconnect your internet connection and perform a full factory reset of the router, removing any code the hacker may have installed to give themselves access.

Once the router is reset, you will need to change your administrator password, WiFi password, and network names to something unique. Make sure you don’t repeat your existing passwords or use personal information.

Finally, check any devices or accounts where you think suspicious activity has been accessed and report them if necessary.