If you’ve poked around inside your router’s settings, you may have found something called “UPnP.” While the technology behind UPnP is meant to make things more convenient for you, cybercriminals can use it to attack your devices. So, let’s explore what UPnP is and why you should disable it.
What Is UPnP?
UPnP stands for “Universal Plug and Play.” By itself, it’s not a malicious service—it was invented to make your life a lot easier.
UPnP allows devices on your local network, connected through your router, to find one another. For example, if you purchase a brand new printer that works over Wi-Fi, you’ll want your devices, such as your computers and phones, to “see” it and send print jobs to it.
Without UPnP, you’d need to manually tell each device where your printer is on the network via its IP address. However, UPnP allows the printer to broadcast its presence to all your other devices so they can “see” it and use it to print. Plus, your devices automatically handle the ports and communication, allowing minimal user interaction to set it up.
Why Is UPnP a Security Risk?
Unfortunately, while UPnP makes it easier for your devices to find one another, it also opens the door for malware and bad actors to access your network.
For example, take an indoor camera designed for remote access. If that camera has poor security and allows anyone outside to access it using UPnP over WAN (Wide Area Network—the internet coming into your home), a hacker could hop in and monitor what’s going on inside. If they get an idea of where the house in the camera is, they can use the information to learn when the owners are out and stage a burglary. or just observe your daily activities.
Also, if a device on the network is infected with malware, the virus can check to see if it can hop to other devices on the network. If UPnP is enabled, malware can use those open channels to jump to more computers and spread across your local network.
How Realistic Is an Attack Through UPnP?
It may sound scary, but how likely will you experience an attack through UPnP?
If your router is good, it will not have UPnP over WAN, which rules out hackers getting in remotely using the technology. You’d be more susceptible to attacks over the LAN (Local Area Network—your local network in your house), where one device is infected and spreads across the network.
However, if you keep your devices safe from malware, browse safely, and install one of the best antivirus programs, there’s a good chance you can trust your devices not to spread viruses. If you want to make sure, you can disable UPnP on your router.
What Happens If You Disable UPnP?
If you disable UPnP, your router will no longer automatically manage the ports for each device that connects to your router. This means you’ll need manual port forwarding to get them talking to one another.
As such, you’ll need to make a decision. Do you prefer the convenience of UPnP, which allows you to connect devices effortlessly to your LAN? Or are you concerned about someone using those channels to inflict damage and steal data? If you prefer convenience, stick with UPnP and keep your devices safe; if you prefer security, manually handle the port forwarding so they can’t be exploited.
How to Disable UPnP
If you’ve decided to eliminate UPnP, you’ll need to access your router. You’ll do this often, as you’ll need to revisit it every time you need to forward a new port (i.e., when you connect new devices to your network).
We covered disabling UPnP in our simple tips to secure your router, so be sure to check it out if you want to maximize your router’s security.
UPnP is a useful feature, but cybercriminals can exploit it. While you can disable it and perform manual port forwarding, some people may never experience an attack over UPnP due to good browsing habits and solid security. As such, it’s worth weighing both arguments when deciding whether to keep UPnP enabled or not.