In the last few months, the COVID-19 pandemic has turned much of the world on its head. From a work perspective, many people that typically spend Monday to Friday in the office have suddenly found themselves transformed into full-time remote workers, some for the first time in their professional careers. Working from home comes with some undeniable upsides – such as the much-welcomed lack of commute – but it also presents a number of challenges, particularly from a security perspective. The blurring of the lines between work and personal lives can quickly make people forget the security protocols that are drilled into them in an office environment. Work devices soon start getting used for personal activities and vice versa. Add other family members into the mix and security best-practice quickly goes right out the window. Unfortunately, this leaves the door wide open for hackers, who can take advantage of the unusual situation we all find ourselves in to steal sensitive data or access vulnerable company networks.
Of course, the security risks associated with remote working aren’t new, but the sheer number of people currently working out of their kitchens and dining rooms has ramped the threat up to unprecedented levels. For this reason, it’s crucial that everyone practices the art of cyber distancing as much as possible. Just as social distancing is playing a key role in halting the spread COVID-19, establishing a safe distance between our work and home lives from a digital perspective can help many of us avoid becoming the next cyber attack victim.
In order to protect ourselves effectively, it’s important to first understand the extent of the threat faced right now. COVID-19 themed phishing emails are suddenly everywhere and for good reason. Criminals know that many people’s guards are down, making them more prone to clicking on malicious email links, particularly if the link promises new information about the ongoing pandemic.
Of course, not all remote working setups are created equal. Some home networks are outfitted with industrial next generation firewalls, two-factor authenticated Wi-Fi hotspots, and the endless parade of cybersecurity products you can purchase to protect the perimeter. However, a good deal of others are still using the same router they got free from their internet provider five years ago. In fact, they’ve probably never even changed the default password and settings it came with.
This is the type of behaviour that needs to change as soon as possible. Now is the time to distance ourselves from our traditional cyber activities. But how? Below are some key recommendations:
Use the existing tools at your disposal to boost home network security
All of the below recommendations can be done quickly and easily from the comfort of your own home. Some may sound difficult, but they’re actually very easy to implement. You just need to access your router’s homepage – most of the time it’s located at http://192.168.1.1 or possibly http://192.168.0.1. Typically, this information, along with the default password is located on the router itself as well. Once you’ve typed this information into your web browser’s navigation bar, hit enter and it’ll prompt you for a username and password.
- Change default passwords: Changing the administrative password on the router is a good idea. Sometimes it comes with a complex password which is good, but it’s even better when it’s something only you know.
- Set a strong password to access Wi-Fi with WPA2 encryption: A solid password is typically 20+ characters in length with numbers, letters, and symbols. That sounds like a lot but on the plus side, when friends are eventually allowed to come over to your house, they won’t be able to use your internet to stream endless TikTok videos and such.
- Disable remote access: This setting allows you to control your network remotely but also opens up a backdoor for criminals. Ensure this setting is disabled within the configurations; simply look for “Remote Access”.
- Don’t broadcast your Wi-Fi’s network’s SSID: When your SSID, or network name, is broadcasted, that means any neighbour or person walking by can pick up your signal and attempt to access your network. If broadcasting is disabled, you won’t be as easy a target.
- Make sure your router’s firmware is up to date: Routers don’t typically come with an auto-update feature but ensuring your firmware is up to date and free of flaws and vulnerabilities is very important. It’s good to check this every six months or so.
- Harden any connected IoT devices: This one is very important. The prevalence of “smart” everything has led to many of us having a “dumb” network. These smart devices can open up gaping holes in your network, especially since a lot of them come with weak default credentials and custom ports that can notify attackers of their existence. These include devices like webcams made in China. The first thing you should do is update the password with something complex and modify the default ports it listens on. This will require something called Port Forwarding on your router to whatever new port you assigned, but it’s worth it for the added security.
Modify your behaviour to incorporate security best-practice
While working from home, or even when at the office for that matter, follow these steps to avoid letting uninvited guests in.
- Never click on suspicious email links and attachments: This statement sounds so easy and straightforward, yet so many people still continue to fall for this trap. The primary entrance vector for COVID-19 themed attacks have been via phishing emails and we’ve seen a massive uptick in campaigns using this pandemic to their advantage.
- Always validate email addresses: When you receive an email, check out the full sender’s address and don’t rely just on the name you see. Emails can often appear to have come from the CEO or CFO of the company but the email is actually coming from a @yahoo or @gmail account, not an internal work account.
- Don’t reveal personal data: The government is not going to send you an email about your stimulus check requesting personal financial information. These emails are crafted to use scare tactics in order to entice you to give up information. Don’t fall for them.
Add additional security layers wherever possible
The more security layers there are in place, the harder it is for criminals to get in. If possible, stay connected to your work environment via a VPN. Most companies will already have one established for remote work connections but it’s also a great way to add another security layer to your own network. If you’re using your own personal laptop for work, keep it fully patched and up to date. Installing a credible anti-virus solution for added protection certainly doesn’t hurt either.
The recommendations in this article are quick and easy to implement but will go a long way towards keeping you and your company’s sensitive data safe. Cyber security can seem daunting, but so much of it is just common sense and taking the time to think before acting. With that being said, let’s all practice the art of cyber distancing wherever we can and #StaySafeatHome during this truly unprecedented time.
Tim Bandos, CISSP, CISA, CEH is CISO and VP Managed Security Services at Digital Guardian and an expert in incident response and threat hunting. He has over 15 years of experience in the cybersecurity world and has a wealth of practical knowledge gained from tracking and hunting advanced threats that target stealing highly sensitive data. A majority of his career was spent working at a Fortune 100 company where he built an Incident Response organization and he now runs Digital Guardian’s global Security Operation Center for Managed Detection & Response.