PROTECTING YOUR HOME NETWORK - from cyber attacks WIREDSCORE'S GUIDE ON...
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
W I R E D S C O R E ’ S G U I D E O N ... PROTECTING YOUR HOME NETWORK f r o m c y b e r at ta c k s There’s no honor among thieves. Such is the Follow the simple advice in this guide and case even in the midst of an international protect yourself and your privacy. health crisis. In this short guide we will explain what type of As we’ve all made the shift to remote work, remote attacks are common among work from home education, and social distancing to stem the spread employees during Covid-19. of Covid-19, cybercriminals have opportunistically sprung into action to capitalize on our collective But do not be alarmed. There are simple steps reliance on connectivity. you can take today to protect yourself from opportunistic cyber criminals. While corporations and educational institutions have the ability to mitigate the risk of attacks In the second part of this guide we will show you on their network when users are on premise, exactly what you need to do to stay protected. remote access opens up an entirely new world of vulnerability that all are still grappling with. 2 | Protecting your home network from cyber attacks wiredscore.com
COMMON TYPES OF CYBER ATTACKS DURING COVID-19 Over the past several weeks, we’ve seen a massive 90% of cyber-attacks start with a phishing uptick in cybercrime from social engineering, campaign, and hackers are adapting their methods to phishing, and brute force attacks into our home take advantage of more people working from home. networks. Hackers are shameless and will sink to any means Here are the common ways phishing is used to to obtain your data, this only increases when we steal your personal information: are distracted by world events, with even the World Health Organization being attacked in March. Phishing Websites 90% of cyber-attacks start with a phishing These websites are created to get users to visit campaign, and hackers are adapting their them by mistyping a website name or clicking on a methods to take advantage of more people link that looks similar to a genuine website. working from home. wiredscore.com Protecting your home network from cyber attacks | 3
• Google also saw a 350% increase in phishing A phishing website tries to steal your passwords or websites looking to capitalize on our desire for other confidential information by making you think it’s a genuine and secure website. information, posing as health organizations, charities, and research institutes. In January 2020, there were a total of 149,195 active Covid-19 related phishing sites. This number During a crisis like Covid-19, hackers will increase leaped 100 % to 293,235 in February and the volume of these attacks by registering as nearly doubled again by March, totalling many domains as possible with keywords that are 522,495 registered Covid-19 phishing sites. searched. • According to the software firm Checkpoint, since the beginning of 2020, there has been a substantial increase in new domain registration names that include “Zoom”, the video conferencing software of choice. Since January this year, there has been in excess of 1,700 new registered domains with some variation of ‘Zoom’, and 25 percent of those were registered during the 2nd week of April alone. Seem suspicious? 4 | Protecting your home network from cyber attacks wiredscore.com
Phishing Emails If you want to see what these look like, check your Spam folder! We’ve all seen these, they are usually poorly written, sometimes from someone we know, and try to get us to download an attachment to launch malware onto your computer. What’s the problem then if my Spam folder captures them all? Unfortunately many do get past your spam, and hit your inbox. Cybercriminals get smarter all the time and email providers need to continually play catch up. wiredscore.com Protecting your home network from cyber attacks | 5
There are several types of phishing emails In the US, Americans will be getting stimulus you should be looking out for: checks in Q2, but the FBI warns hackers will be capitalizing on this to steal information via Company Info: Cybercriminals are targeting phishing emails. They indicated that in no way will remote employees with company messages that any government agency be reaching out over email notify workers of a positive Covid-19 test within for personal information. their organization. The messages contain malicious attachments disguised as protocols that the company is undertaking as well as a “flyer” that recipients are asked to open, read and print out. Government and Covid-19 Related Info: There has been a large uptick in attempts from emails sent from seemingly legitimate organizations, to ask for charitable contributions, general financial relief, airline carrier refunds, fake cures and vaccines, and fake testing kits. 6 | Protecting your home network from cyber attacks wiredscore.com
HOW TO PROTECT YOURSELF FROM PHISHING WEBSITES AND EMAILS? • Check the content of an email, look for • Go to the domain of the senders email address to misspelled words and closely examine the return help verify the legitimacy. address. Typically these emails will be especially vague or general. • Example: sender@wiredscore.com WiredScore.com is a real site. • Don’t open unknown attachments or click on links within the emails or text messages. • Beware of lookalike domains, double check that you are on a secure website with the correct Now you know how to protect yourself from URL before entering passwords or personal cyber attacks that we can typically see and information. identify, but what about those attacks we can’t? wiredscore.com Protecting your home network from cyber attacks | 7
HOME NETWORK SECURITY Unfortunately, there isn’t just one tool in the hacker Once in, they are changing our router settings to toolkit, and the more sophisticated attackers will automatically route us to phishing sites like the target the actual networks we connect to, rather ones we just explained. than use websites or emails. By nature, our home networks don’t have the same security that would be in place in a corporate environment and hackers are Attackers are “brute forcing” to get into our networks, which is basically running software that will try looking to exploit that vulnerability. thousands of password combos until they break in. Here are simple actions you can take to improve the security of your Home network: How to secure your router and Wi-Fi Since the beginning of March, there has been an increase on attacks on home routers. Attackers are “brute forcing” to get into our networks, which means they are running software that will try thousands of password combos until they break in. 8 | Protecting your home network from cyber attacks wiredscore.com
FOUR EASY STEPS TO SECURE YOUR HOME NETWORK 1. Change the default password on your • When you open an internet browser, you will need router and Wi-Fi: to visit a website based on a string of numbers. This is often printed on the back of the router and will be If you are like most of us, you are using a router something like https://192.168.1.1 supplied by your ISP and have never changed the • Login to your router with the router’s admin default password or Wi-Fi info, which is a major password (on the back of your router). security flaw. Most of these passwords are easily • The user name is admin. You can find the default broken, and there’s even a website dedicated too router administrator password on your router label. default router passwords to help people who • Replace the current admin password with a new can’t access it - this is candy for cybercriminals. one that’s strong and easy for you to remember. Follow your router on-screen or user guide detailed Most routers have the ability to be accessed instructions. via a webpage, but check your ISPs website for • Now do the same for your Wi-Fi password (pick instructions for accessing yours, most should look one different than the previous). Set up a strong something like this: password by picking a long, unique mix of numbers, letters and symbols. Your password should be 12 or more characters (don’t forget to log back in on all of your devices connected to Wi-Fi). • While still in your router, proceed to steps 2 & 3. wiredscore.com Protecting your home network from cyber attacks | 9
2. Keep your router’s firmware up to date Because it’s hard to determine which specific router models and firmware versions are Once logged into your router (See Step 1 above), vulnerable, it’s best to simply turn off this feature if ensure there aren’t any pending software updates. possible, which can be done while logged into your Most routers will download these automatically, router. Searching in Google “turn off WPS ” should explain exactly how if it’s update. Be sure to download the latest software. not immediately obvious. 3. Disable WPS 4. Enable the latest security WPS allows you to quickly and easily connect Under Security Options or a similar section your Wi-Fi router to your devices (e.g. a cell in your router, make sure the security for your phone) either via a button on the router or a pin network is set to WPA2-PSK [AES] or the highest code printed on a sticker. A serious vulnerability available setting. WPA2-PSK [AES] is currently was found in many ISP vendor implementations the strongest level available for home wireless of WPS years ago that allows hackers to break into networks. networks, it also gives anyone with physical access to your router the ability to connect. 10 | Protecting your home network from cyber attacks wiredscore.com
HOW TO SECURE YOUR DEVICES? 1. Keep your connected devices up to date Having a secure router is great, but it’s useless if you’ve put off a Windows or iOS software update for the last two years. Any device connected to your network can serve as a backdoor into all of your devices. Install security patches and updates as recommended by your computer’s operating system (Windows or macOS) and mobile devices, as all of these manufacturers constantly patch newly exposed security flaws. If you’re not sure how, simply Google search “How to update software ”. wiredscore.com Protecting your home network from cyber attacks | 11
2. Enable the firewall on your desktop and b. For Windows, in the Cortana search box, enter laptop Firewall. Click Windows Firewall in the search results. In the Windows Firewall window that A firewall is a security feature designed to help appears, make sure that Windows Firewall is on. protect your computer and personal data from If it isn’t, click the Turn Windows Firewall On or unauthorized access and alert you to immediate Off link in the left pane of the window. threats. Most devices now come with built-in firewalls and they just need to be enabled. See 3. Smart Home and Streaming securely below depending on your device: Most IoT (Internet of Things) devices and a. On a Mac, choose Apple menu > System streaming devices (e.g Roku, Fire TV Stick, Apple Preferences, click Security & Privacy, then TV) also have a default password that is just a click Firewall. ... Click Firewall Options. If the Google search away. We strongly recommend Firewall Options button is disabled, first click updating passwords on all of these devices using Turn On Firewall to turn on the firewall for your user manual, and also confirm that firmware your Mac. updates are set to auto in the settings. It’s also considered a best practice to connect these devices to a separate “Guest Network” in your router to keep them separate from your phones and computers, which will have more personal data. 12 | Protecting your home network from cyber attacks wiredscore.com
Wired Certification is the internationally recognized rating system that helps landlords design and promote their buildings’ great digital connectivity to tenants. Employees working in Wired Certified buildings benefit from knowing their businesses are supported by the latest in in-building technology and digital connectivity. If you’re a landlord or tenant interested in learning about getting your building Wired Certified, schedule a call with our team by clicking the button below. C ONTACT US 13 | Protecting your home network from cyber attacks wiredscore.com
Content clarification: This article is written Need more information to answer for home users and clients with basic internet requirements. Many of our clients are using • How to protect yourself from cyberattacks when VPNs to connect to corporate networks, which is working from home during COVID-19 where the biggest risk lies currently. This could be a separate article regarding considerations for • Governments experience surge in cyberattacks accessing your work network securely or add-in here; I was just cognizant of length. • Zoom Domains Targeted by Hackers, as Use Surges with COVID-19 Author: John Meko, Director of Engineering, North America, WiredScore • COVID-19 Cyber Threats: Hackers Target DNS Routers, Remote Work • COVID-19 Phishing Schemes Escalate; FBI Issues Warning wiredscore.com Protecting your home network from cyber attacks | 14
You can also read