Cybersecurity Awareness is all about highlighting the importance of good cybersecurity hygiene that will help us all stay safer when traversing the Internet. For those of us in the cybersecurity industry, we often focus on flexing our cybersecurity skills in the workplace to make sure we’re not an exposure point for our organisations, which are increasingly being targeted by hackers looking to catch us unaware.
This is a follow on from our blog “How to Get Hacked This or Any Holiday Season”.
However, an often overlooked but important cybersecurity priority is securing our home networks to prevent workplace data breaches and of course to prevent privacy breaches that can lead to identity theft, as these are major target for cyber criminals/hackers. After all, in today’s society, so many of us are working from home, and now especially with the COVID-19 pandemic and with the lockdown and social distancing in place all around the world.
Working from home (WFH) at one point was a privilege that few companies allowed, but now it has become a necessity. Any time we are logging into workplace apps or looking at workplace data, no matter where we happen to be logging in, we are opening the door for hackers. Because of that, our home networks must be secured just like our workplace networks to truly protect ourselves and the company that employs us from increasingly sophisticated, well-funded hackers.
But how exactly do you do that? Thankfully, the same people responsible for securing your workplace can also help you secure your home network to the benefit of everyone involved. Talk to your IT security or network team to see how they can help.
Here are a few tips on how to shore up your home network and keep hackers at bay.
Understand Your Home Network
Before you can secure your home network, you must understand what it entails. In 2008, the extent of home networks was likely a modem, router and one or two computers. But in 2020, that network looks very different, incorporating not only computers but also smartphones, tablets, home assistants like Amazon’s Alexa, Google Home, smart televisions, security cameras and even smart appliances like refrigerators and washing machines – and let’ not forget about the smart toys that can access the internet. As the internet of things (IoT) continues to expand, it’s imperative that you get a handle on all of the devices in your home connected to your network.
Understand its Limitations
IoT devices inarguably make our lives easier. Who doesn’t want a perfectly brewed, hot cup of coffee awaiting them when they walk into the kitchen each morning? However, the convenience of IoT devices may also be sacrificing the security of your home network. IoT devices are notoriously insecure, many without password protection or the ability to be patched in the event of cybersecurity issues. They’re also often exposed (and searchable) to the outside world, giving hackers an easy entry point into your network. When you combine these vulnerable devices with outdated home routers (which aren’t very secure to being with, and now often offering remote administration), improper configurations (with most having the default admin account and password left as factory settings),  you have a recipe for disaster when it comes to securing your home network.
Routers and WIFI
As most homes now have a router and the majority of them come with Wi-fi, how many of us actually configure them correctly?
Even though the router supplied by your network provider are to a point preconfigured to work with ADSL or with NBN, how many of us have actually logged into our router to check if it has been configured correctly? Well, not many of us. The majority of users just blindly follow the provider’s instructions and plug in and “pray” they work and they often do – with only basic security settings in place.
Often these router/Wi-Fi access points are configured to minimum standards, so make sure you check them to ensure they are configured correctly to protect you and your family, as well as your work data from hackers.
Unfortunately, most routers don’t have a firewall to stop or even to deter hackers, despite the fact that the most vulnerable and common scanned function by hackers is the Wi-Fi access points and open guest access; a function of  which many new wi-fi routers now provide so that your visitors/guests don’t have to enter your Wi-Fi password. It gives them open access, and also gives your neighbours and your surrounding community that find them access to your networks if not configured correctly. Not to mention free internet – and they might even “thank you” for it and so will the hackers.
Hackers will use this to either get your private information to use for identity theft, get access to your company’s data if you’re working from home, or use your network as a jump point for another target, that will not lead authorities to them but to you.
As with all access points there are risks associated with them. So how do you best protect them and your data from hackers?
Let’s start by saying that if you do want to use the guest network capabilities of your wi-fi router check what security options are available and turn them either on or off to give the best protection.
A few of the setting you should look for and disable are (wording and format will vary by router model and manufacturer):
- Allow Guests to Access Each Other
- Allow Guests to Access My Local Network
- Allow Guests to Access My USB Storage Sharing
Another one to look out for and enable is called “Clients Isolation”. As mentioned before, each wi-fi router will have its own terminology – these are just some of the examples out there.
One setting that you should enable is wi-fi security for guest wi-fi network and give it a strong password, but make sure it is not the same as or similar to your main wi-fi password.
This should provide reasonable protection but remember that nothing is truly protected. Consider adding a firewall to your network for additional protection.
Remember DEBPT
Despite these challenges, it is possible to secure today’s home network. How do you do it? Focus on the following five factors, and you’ll be well on your way to a more secure home network:
- D is for DNS: Deploy a DNS solution that helps you avoid connecting to known bad entities while you’re using the internet. You can also find enhanced solutions that offer additional features like phishing protection and content filtering.
- E is for Encryption: Encryption converts your data into a cipher or code to prevent unauthorised access. By using a solution like Stubby to encrypt your DNS queries or tunnelling your traffic through a VPN, you can use encryption to add a layer of protection to your home network.
- B is for Barricade: Another way to improve your home network security is by deploying a firewall to protect your devices from unsolicited connection attempts. While this won’t stop the most enterprising of hackers, it can go a long way in blocking many attacks. Other ways to barricade include turning off remote administration for your router and segmenting your devices by their level of vulnerability and importance, so you can place more controls on your laptop than you do on your wi-fi enabled lightbulbs.
- P is for Patch: This one is relatively simple. Buy things that can be patched to protect yourself against future vulnerabilities. This may mean spending a little bit more on the devices you purchase and connect to your home network, but it is well worth the cost for a more secure home network.
- T is for Test: Last but not least, test to make sure you’ve done your job well in securing your home network. You can run scans on a number of websites, or even hire someone with a professional accreditation to help set up and test your home network for vulnerabilities.
This might seem like a lot of work, but it is ultimately worth the investment of time and energy if it protects your home network – and by extension your workplace network – from hackers seeking easy entry. If you’re in over your head, you can also reach out to your organisation’s IT team for some input or reach out to us for assistance.
After all, it’s their responsibility to secure the workplace, and employees play a huge role in those efforts, both at work and at home. You can also seek out experts to make sure your home network is up to scratch as an added insurance policy against cyberattacks.
Passwords
Now with the onset of the COVID-19 and more people working from home, the password has now become a key factor for access. Many corporate systems cater for this with complex password setting configure for the system and MFA for remote access.
How about the home setup and online accounts?
Most users tend forget about them and use standardised passwords that would otherwise fail complexity rules. Even if they don’t, they are usually in some way linked to the person’s identity e.g birthdate, partners name or date of birth, anniversary when first met etc…, these should be avoided at all costs.
To help strengthen your password, add a 4 digit/character at the end – something like “@W3e”; adding a special character, Uppercase and number will help secure the password.
To give you an example I am going to use a very basic and common password for this exercise ( DO NOT USE THIS IN YOUR ACTUAL ACCOUNTS). I have used the following URL to test this : https://www.my1login.com/resources/password-strength-test/
| Password | Time to crack | Password | Time to crack |
| Password@123 | 0.01 second | Password@123@Wsx | 4 hours |
| Password@123@w3e | 5.51Min | Password@123@WsX | 9 Hours |
| Password@123@W3e | 11.02Min | Password@123@WbP | 14 Hours |
| Password@123&W3e | 45.93Min | Password@123&WbP | 6 Days |
This shows how the use of certain combinations and the addition of extra characters as the end can increase the effort taken for a hacker to crack your password.
Generally, employees know the risks of data breaches and are having conversations about how to prevent them. But while knowing is half the battle, doing is even more important. What are you doing to secure your home network?
The top 10 most common passwords are:
These are the 10 ( the actual list contains 25) most common passwords since 2011 as complied by SplashData.
Avoid using them or be prepared for the consequences.
| Top 10 most common passwords by year according to SplashData | |||
| Rank | 2017[9] | 2018[10] | 2019[11] |
| 1 | 123456 | 123456 | 123456 |
| 2 | password | password | 123456789 |
| 3 | 12345678 | 123456789 | qwerty |
| 4 | qwerty | 12345678 | password |
| 5 | 12345 | 12345 | 1234567 |
| 6 | 123456789 | 111111 | 12345678 |
| 7 | letmein | 1234567 | 12345 |
| 8 | 1234567 | sunshine | iloveyou |
| 9 | football | qwerty | 111111 |
| 10 | iloveyou | iloveyou | 123123 |
Wiki list of common password: https://en.wikipedia.org/wiki/List_of_the_most_common_passwords
Conclusion
Many of us are now working from home due to COVID-19. This has facilitated in accelerating the process with employers allowing their employees to work from home and strive towards work-life balance.
Of course, this has also led to increasing an organisation’s security posture in relation to WFH and remote access for their employees. This has or will force many employees to revisit their own home network security posture and improve and strengthen it.
Having an IT security policy relating to WFH and remote access being communicated throughout the organisation will be helpful in making this front of mind and in prompting team members to audit their home network security. Making assistance from the organisation’s security and network teams available to employees to help configure and improve their network security will benefit both the employee and the organisation and will reduce the likelihood of data breaches at home and work – thus being a win-win outcome for both.
Have you locked the door behind you or have you left the key in the lock?
