Keeping firmware updated is the most effective way to protect against known weaknesses and threats, but zero-day exploits that even the latest firmware might not correct are found…well… every day.
If you don’t keep your WiFi router firmware up-to-date, the hackers may do it for you. There have been a number of documented cases where the bad guys have replaced the router’s firmware with their own, giving them a back door into your network and essentially allowing them to eavesdrop on every network connection you make to the internet. This allows them to compromise every device connected to your WiFi router.
Even if you do keep your WiFi router firmware updated, it can still be replaced if you are not careful. The CIA purportedly had a program, for example, called Cherry Blossom that could replace a WiFi router firmware with spyware if other features of the router were not configured properly. (See Administrator Password and Universal Plug-N-Play sections below).
Keeping firmware updated rates 4/5 shields. It’s only a 4 because most updates are in response to a bug or exploit being found. It’s nearly impossible for firmware to get ahead of hackers researching and exploiting zero-day flaws.
Also, like any other security tool, this one can be turned against you if you are not careful. Firmware updates alone are not enough.
The primary way bad guys break into computer systems and spread malware is through some weakness in the system itself. Recent examples of ransomware like WannaCry and Petya show how Windows’ weaknesses can be readily exploited.
Just like your PC, mobile phone, and notebook computer, your WiFi router also runs an operating system. This is the firmware that you’ve probably heard about. (The name is just a play on the term software—firmware is just software, but instead of being stored on a disk like the operating system on your PC, it’s stored semi-permanently on programmable chips. It’s more “firm” than “soft.”)
Since your WiFi router runs an operating system, it is just as susceptible to hacking through coding errors and weaknesses as your PC. And just like your PC, the WiFi router should have its operating system updated to stay current with the known hacker threats.