These days, everyone’s on the rush. We want things done instantly and often forget that convenience comes at a price.
If you’re an individual who prefers convenience over security, you’re risking your online privacy. Since UPnP helps you quickly connect devices to your network without any manual configurations, it can also let hackers into your system to perform malicious activities.
Find out how hackers exploit UPnP and what you can do to protect yourself. But first, let’s understand UPnP.
What is UPnP?
Universal Plug and Play (UPnP) is a networking protocol. UPnP enables internet-enabled devices such as personal computers, Wi-Fi, smartphones, printers, among several others to locate each other and establish successful connections for sharing data.
Where is UPnP used?
The primary usage of UPnP is on private networks. Think of UPnP as an extension of Plug and Play, which enables users to connect devices directly to a computer without any manual configurations to the device or the network.
Before we dive deeper, you need to first understand about Port Forwarding.
What is Port Forwarding?
Port forwarding is used to form a direct connection between your device or a server and a remote device.
Learn more about Port Forwarding.
How Does Port Forwarding Work?
Your internet-enabled home devices, including your router, use the Local Area Network (LAN). They use LAN to communicate with each other. To communicate outside LAN, such as website servers or your friend’s computer, you’d need to go on the Wider Area Network (WAN).
To head over to WAN, you’d need to port forward your devices. Learn how to forward or open ports on your router.
What are the uses of UPnP?
Here are the common uses of UPnP:
- Online Gaming
Port forward games on PS4, Xbox and stream online games without any inconvenience.
- Remote Home Surveillance
With UPnP, you can configure your home cameras on devices while you’re vacationing abroad.
- Internet of Things devices
UPnP greatly benefits IoT devices for wireless home automation like smart bulbs, smart TVs, smart fridges, door cams, internet-controlled thermostats, smart locks, and so much more.
Why is UPnP Unsafe?
Initially, UPnP was designed to work on LAN. This means that only devices on your network could connect.
As technology progressed, router manufacturers have now enabled UPnP by default. The integration of that has made them discoverable from the WAN, which has led to numerous security risks.
How is it unsafe?
UPnP doesn’t require any form of authentication nor authorization. It assumes that devices trying to connect to UPnP are reliable and come from LAN.
This is a heaven for hackers as they can easily find backdoors to your network. For example, a hacker can discover your router on the WAN and dupe you into thinking that they’re a PS4.
A hacker will manage to send a UPnP request to your router, and the router will automatically open the port without authenticating the request.
Now that the hacker has infiltrated the network, they can:
- Gain remote access to all devices connected to your system.
- Ability to download and install malware on all devices connected to the network.
- Read your online activities and steal your confidential information.
- Use your router to carry out malicious activities over the WAN.
- Download and install spyware or ransomware on your devices and steal financial details such as credit card information.
- Execute phishing attacks or Denial of Service (DDoS) attacks to other devices.
Since your router will be used to carry out these attacks, it will only look like that you’re the one behind these activities.
Advantages and Disadvantages of UPnP
Here are the advantages and disadvantages of UPnP.
Advantages of UPnP:
- Allows real Plug and Play compatibility.
- Upnp is used for NAT traversal or Firewall punching.
- It is backed by various prominent vendors and companies like Microsoft and Intel, which makes it an industry standard.
- Upnp is an ideal architecture for home devices and networks.
Disadvantages of UPnP:
- Control points do not require any authentication. Hence any program on your computer can ask to forward a UPnP port.
- UPnP has no official implementation. Hence every router has its application; many deployments have bugs or give an open passage to malware.
- Any malicious program on your network can use UPnP, in the same way, a legitimate program uses it.
How to Protect Yourself?
Protecting yourself against malicious actors is of great importance in today’s highly vulnerable digital world. To protect yourself against UPnP router vulnerabilities, here are your options:
Enable UPnP-UP (Universal Plug and Play – User Profile)
This setting provides authentication and authorization for UPnP devices and applications. While this is not a fail-safe method, it’s a step towards protecting yourself.
Several devices don’t fully support this functionality, and despite having this enabled, they might continue to assume that other devices connecting to your router are reliable.
The other method is to disable UPnP altogether. Just before you head over to do that, it’s advised that you check whether your router is exposed to UPnP exploits.
Why do I need UPnP for PS4?
UPnP helps you change NAT type from Strict NAT to Open NAT on your PS4 or Xbox console. Enabling UPnP is simple as it can be enabled through your router.
What happens if I disable UPnP on my router?
When you turn off UPnP, the router rejects all incoming requests from any device to enter your local network to open connection and to function.