The internet has changed the way we do business, communicate with one another, and live our lives. However, this advancement has led to security challenges both at work and at home. While workplaces are investing time, money, and personnel into battling cyberattacks, home networks (and awareness about home security) remain woefully underprepared for breaches.
With the surfeit of connected devices – from toys and appliances to cars and voice-controlled assistants – now available for purchase and use, attackers have a variety of entry points and techniques to exploit home networks while homeowners remain blissfully unaware. Here are just a few examples of how your home and its connected devices can be breached:
Man in the Middle
Attackers can intercept your devices’ communication with other ostensibly trusted parties and use that information to their advantage. This is especially likely when there’s a lack of authentication between the communicating devices/endpoints.
Cryptojacking
With cryptocurrency constantly rising in value, your home devices’ processing power can be used by attackers to mine cryptocurrency. Consider a ‘smart fridge’ or any other such appliance that has a conventional use and a digital use. Its digital processing power can be used for nefarious purposes without you ever realizing.
Simple data theft
Attackers can compromise your wi-fi network and ‘listen in’ on sensitive information that gets relayed through your home network. This information, including financial transactions, can be exploited for monetary gain.
Lateral movement
Sometimes your devices can be a means to an end. Attackers will scan your home environment, spot a vulnerable device, and compromise it before using that device as a command center to move onto other devices on your network.
While there’s no one-shot panacea to home security, homeowners can take a series of straightforward steps to make attacks much more difficult and ‘not worth it’ for attackers. One of the main reasons home networks are targeted is because attackers find it easy to infiltrate systems that aren’t prone to the same scrutiny that work networks are.
Router Best Practices
Your wireless router is the cornerstone of your home network as well as the first point of entry for most attackers. Follow these best practices to ensure the security of your router:
- Change the default login details (which are usually ‘admin’ and ‘password’) to a strong password. Strong passwords are usually a series of letters, numbers, and special characters, or are multiple words strung together. Refer to NIST guidelines for generating strong passwords.
- Ensure that your wi-fi network has WPA2 encryption. Although not without its chinks, WPA2 is much more secure than WPA or WEP.
- If possible, invest in routers with built-in firewalls that add an extra layer of protection from attacks.
- If you’re going to be away from home for extended periods of time, turn off your wireless network during your absence. In addition to being secure, this also protects your router from any sudden power surges and outages.
- Pay attention to the physical location of your router. Try keeping the router as close as possible to the middle of your house. This has dual benefits – a central location enables internet access in all corners of your house and also ensures that your router’s reach isn’t far beyond the confines of your walls.
Password Managers
The router is just one device, but homeowners today employ a range of online services for everything from music and entertainment to finance and utilities. While it’s tempting to keep the same password for all online services (even a strong password), that method is ill-advised because just one third-party compromise could lead to a domino effect and lay bare a range of confidential data.
Keep different passwords for each service and use a password manager to keep track of all passwords. That way, even if your online poker account gets hacked someday, you aren’t forced to show your entire hand.
All About That Admin
Computer devices have an administrator account that has overarching privileges and can be used to access all data in the system. If attackers somehow tunnel into the admin account, they can cause wide-reaching havoc. To prevent (or at least minimize) the likelihood of this, create a non-admin account on your computing device and use it for most of your day-to-day needs. Additionally, change the default login settings for your admin account unless you want to fall prey to root access bugs.
Always Be Updating
Devices with out-of-date or unpatched software are usually prime targets for attack. Ensure that all your devices – even newer IoT devices where it’s tougher to ascertain software versions – are patched and updated to the latest versions constantly. Turn on auto-updating capabilities for all possible devices and keep a cadence for updating and maintenance for devices where auto-updating isn’t possible.
Sandboxing
A common entry point for attackers is embedding malicious files in fake websites and attachments that homeowners unsuspectingly open or visit. To prevent this, use browsers with sandboxing capabilities (such as Chrome or Safari) while surfing the internet. Also use document readers with sandboxing capabilities (such as Adobe or Foxit) to block execution of malicious files even if you happen to open them by mistake.
Hedging Against Lost or Compromised Devices
Despite your best efforts, it’s always possible that you still fall prey to an attack or lose your device. Be prepared for this eventuality by taking regular backups of all device data, enabling Full Disk Encryption (FDE) on supported devices, and protecting devices with strong passwords and PIN codes.
These tips are just an illustrative starting point for securing your home networks but following them can greatly reduce your risk of compromise and make ‘Home Sweet Home’ stay ‘Home Secure Home’ as well.
- Home Network Security in the Internet Age - October 21, 2018