r/TheCircuit

CNET: 5 Steps the FBI Wants You to Take to Secure Your Router Right Now

TL;DR

Update your firmware regularly: Many networking devices allow you to enable automatic firmware updates in the settings. If this is an option, I'd highly recommend doing it. If it's not, you can find updates for your router by logging into its web interface or using its app.

Reboot your router: The NSA's guidance recommends rebooting your router, smartphone and computers at least once a week. "Regular reboots help to remove implants and ensure security," the agency says. 

Change default usernames and passwords: One of the most common ways hackers gain access is by trying default, manufacturer-set login credentials. "There's a whole underground economy that underlies all of that," says Ferguson. "Basically, they just harvest credentials, either through attacks of their own, or by stockpiling them from other sources and buying them." This username and password combination is different from your Wi-Fi login, which should also be changed every six months or so. The longer and more random your password, the better. 

Disable remote management: Most regular users don't need to remotely manage their Wi-Fi router, and this is one of the primary ways threat actors can change your router's settings without your knowledge. You can typically find this option in your router's admin settings. 

Use a VPN: The FBI's announcement on the attack specifically recommends that organizations with remote workers use a VPN when accessing sensitive data. These services encrypt your traffic as it passes through a remote server, keeping it safe from hackers.

cnet.com
u/forestexplr — 3 days ago
▲ 15

Key Details:

  • Researchers used valid credentials blocked by Conditional Access policies to initiate the attack
  • Exploited the Device Registration Service (DRS) endpoint using device code authentication flow
  • Created a "phantom device" registered with a signed Azure AD certificate and private key
  • Registered the device as a Windows machine despite it being Linux, leveraging MITRE ATT&CK technique T1098.005 (Account Manipulation)
  • Obtained a Primary Refresh Token (PRT) with false device claims that bypassed CA device compliance requirements
  • Successfully accessed production tenant containing over 16,000 users without malware or endpoint interaction
  • Bypassed Intune compliance requirements by claiming hybrid domain-join status
u/forestexplr — 8 days ago
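The chain summarized in the post (device-code sign-in with valid credentials, a self-registered "phantom" device claiming Windows and hybrid join, then a PRT that satisfies the compliance grant) leaves a recognizable trail in sign-in telemetry. Below is an added hunting example; it is not code from the post or from the researchers it summarizes. It assumes records shaped like the Microsoft Graph `signIn` resource (`userPrincipalName`, `authenticationProtocol`, `userAgent`, `conditionalAccessStatus`, `deviceDetail` with `deviceId`, `operatingSystem`, `trustType`, `isCompliant`), assumes the `trustType` string "Hybrid Azure AD joined" as it appears in exported logs, and assumes an out-of-band list of device IDs that on-prem AD actually synced (`ONPREM_SYNCED_DEVICE_IDS`) as the truth source for hybrid-join claims. All sample records are constructed.

```python
"""Added example: hunting for the 'phantom device' CA-bypass chain in Entra ID sign-in logs.

Not code from the post or the original research. Record shapes follow the
Microsoft Graph `signIn` resource; every record below is constructed, and the
on-prem device list is an assumed feed (e.g. an export of synced computer
objects), not something the sign-in logs themselves carry.
"""
from datetime import datetime, timedelta

ISO = "%Y-%m-%dT%H:%M:%SZ"

# Constructed sample sign-ins, in time order.
SIGN_INS = [
    {   # valid password via device-code flow, no compliant device -> CA blocks
        "id": "s1", "createdDateTime": "2024-05-01T10:00:00Z",
        "userPrincipalName": "alice@example.com",
        "authenticationProtocol": "deviceCode",
        "userAgent": "python-requests/2.31",
        "conditionalAccessStatus": "failure",
        "deviceDetail": {"deviceId": "", "operatingSystem": "",
                         "trustType": "", "isCompliant": False},
    },
    {   # minutes later: PRT sign-in from a freshly registered "Windows" device that
        # claims hybrid join and compliance, still with a non-Windows user agent
        "id": "s2", "createdDateTime": "2024-05-01T10:07:00Z",
        "userPrincipalName": "alice@example.com",
        "authenticationProtocol": "none",
        "userAgent": "python-requests/2.31",
        "conditionalAccessStatus": "success",
        "deviceDetail": {"deviceId": "a1b2c3d4", "operatingSystem": "Windows 10",
                         "trustType": "Hybrid Azure AD joined", "isCompliant": True},
    },
    {   # benign control: a real hybrid-joined laptop
        "id": "s3", "createdDateTime": "2024-05-01T11:00:00Z",
        "userPrincipalName": "bob@example.com",
        "authenticationProtocol": "none",
        "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
        "conditionalAccessStatus": "success",
        "deviceDetail": {"deviceId": "ffee0011", "operatingSystem": "Windows 10",
                         "trustType": "Hybrid Azure AD joined", "isCompliant": True},
    },
]

# Assumed ground truth: device IDs of computer objects on-prem AD actually synced.
ONPREM_SYNCED_DEVICE_IDS = {"ffee0011"}

PHANTOM_WINDOW = timedelta(minutes=30)  # assumed correlation window


def _ts(rec):
    return datetime.strptime(rec["createdDateTime"], ISO)


def flags_for(rec, onprem_ids=ONPREM_SYNCED_DEVICE_IDS):
    """Per-record indicators. Each is weak on its own; the combination is the signal."""
    flags = []
    dd = rec.get("deviceDetail", {})
    ua = rec.get("userAgent", "").lower()
    os_claim = dd.get("operatingSystem", "").lower()
    if rec.get("authenticationProtocol") == "deviceCode":
        flags.append("device_code_flow")
    # The device says Windows, but the client never presented a Windows user agent.
    if os_claim.startswith("windows") and ua and "windows" not in ua:
        flags.append("os_claim_mismatch")
    # Hybrid join is a claim in the token; check it against what AD Connect synced.
    if dd.get("trustType") == "Hybrid Azure AD joined" and dd.get("deviceId") not in onprem_ids:
        flags.append("unverified_hybrid_join")
    # Compliance inherited from a device nobody on-prem has ever seen.
    if dd.get("isCompliant") and "unverified_hybrid_join" in flags:
        flags.append("compliance_from_unverified_device")
    return flags


def phantom_device_candidates(sign_ins, onprem_ids=ONPREM_SYNCED_DEVICE_IDS,
                              window=PHANTOM_WINDOW):
    """Correlate: a CA-blocked device-code sign-in followed, within `window`, by a
    CA-passing sign-in from an unverified hybrid device for the same user.
    Returns {userPrincipalName: {suspect deviceId, ...}}."""
    by_user = {}
    for rec in sorted(sign_ins, key=_ts):
        by_user.setdefault(rec["userPrincipalName"], []).append(rec)
    hits = {}
    for upn, recs in by_user.items():
        blocked = [r for r in recs
                   if "device_code_flow" in flags_for(r, onprem_ids)
                   and r["conditionalAccessStatus"] == "failure"]
        for b in blocked:
            for r in recs:
                if r is b or _ts(r) < _ts(b) or _ts(r) - _ts(b) > window:
                    continue
                if (r["conditionalAccessStatus"] == "success"
                        and "unverified_hybrid_join" in flags_for(r, onprem_ids)):
                    hits.setdefault(upn, set()).add(r["deviceDetail"]["deviceId"])
    return hits


if __name__ == "__main__":
    for rec in SIGN_INS:
        print(rec["id"], flags_for(rec))
    print(phantom_device_candidates(SIGN_INS))
```

The important design point is that `trustType`, `operatingSystem` and `isCompliant` are all attacker-influenced claims in this attack, so the check that actually carries weight is the join against an independent source (the on-prem computer objects); the user-agent mismatch and device-code indicators are there to rank, not to decide.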