WIREDSCORE’S GUIDE ON...
PROTECTING YOUR HOME NETWORKf r o m c y b e r at ta c k s
2 | Protecting your home network from cyber attacks wiredscore.com
WI R E DSCOR E’S G U I DE ON.. . P R O T E C T I N G Y O U R H O M E N E T W O R K
There’s no honor among thieves. Such is the case even in the midst of an international health crisis.
As we’ve all made the shift to remote work, remote
education, and social distancing to stem the spread
of Covid-19, cybercriminals have opportunistically
sprung into action to capitalize on our collective
reliance on connectivity.
While corporations and educational institutions
have the ability to mitigate the risk of attacks
on their network when users are on premise,
remote access opens up an entirely new world of
vulnerability that all are still grappling with.
f r o m c y b e r a t t a c k s
Follow the simple advice in this guide and protect yourself and your privacy.
In this short guide we will explain what type of
attacks are common among work from home
employees during Covid-19.
But do not be alarmed. There are simple steps
you can take today to protect yourself from
opportunistic cyber criminals.
In the second part of this guide we will show you
exactly what you need to do to stay protected.
3Protecting your home network from cyber attacks | wiredscore.com
COMMON TYPES OF CYBER ATTACKS DURING COVID-19
Over the past several weeks, we’ve seen a massive
uptick in cybercrime from social engineering,
phishing, and brute force attacks into our home
networks.
Hackers are shameless and will sink to any means
to obtain your data, this only increases when we
are distracted by world events, with even the World Health Organization being attacked in March.
90% of cyber-attacks start with a phishing
campaign, and hackers are adapting their
methods to take advantage of more people
working from home.
90% of cyber-attacks start with a phishing campaign, and hackers are adapting their methods to
take advantage of more people working from home.
Here are the common ways phishing is used to
steal your personal information:
Phishing Websites
These websites are created to get users to visit
them by mistyping a website name or clicking on a
link that looks similar to a genuine website.
4 | Protecting your home network from cyber attacks wiredscore.com
During a crisis like Covid-19, hackers will increase
the volume of these attacks by registering as
many domains as possible with keywords that are
searched.
• According to the software firm Checkpoint, since the beginning of 2020, there has been a
substantial increase in new domain registration
names that include “Zoom”, the video
conferencing software of choice. Since January
this year, there has been in excess of 1,700
new registered domains with some variation of
‘Zoom’, and 25 percent of those were registered
during the 2nd week of April alone. Seem
suspicious?
A phishing website tries to steal your passwords or other confidential information by making you think it’s a
genuine and secure website.
• Google also saw a 350% increase in phishing
websites looking to capitalize on our desire for
information, posing as health organizations,
charities, and research institutes. In January
2020, there were a total of 149,195 active
Covid-19 related phishing sites. This number
leaped 100 % to 293,235 in February and
nearly doubled again by March, totalling
522,495 registered Covid-19 phishing sites.
5Protecting your home network from cyber attacks | wiredscore.com
Phishing Emails
If you want to see what these look like, check your
Spam folder! We’ve all seen these, they are usually
poorly written, sometimes from someone we know,
and try to get us to download an attachment to
launch malware onto your computer.
What’s the problem then if my Spam folder
captures them all?
Unfortunately many do get past your spam, and
hit your inbox. Cybercriminals get smarter all the
time and email providers need to continually play
catch up.
6 | Protecting your home network from cyber attacks wiredscore.com
There are several types of phishing emails you should be looking out for:
Company Info: Cybercriminals are targeting
remote employees with company messages that
notify workers of a positive Covid-19 test within
their organization. The messages contain malicious
attachments disguised as protocols that the
company is undertaking as well as a “flyer” that
recipients are asked to open, read and print out.
Government and Covid-19 Related Info: There has been a large uptick in attempts
from emails sent from seemingly legitimate
organizations, to ask for charitable contributions,
general financial relief, airline carrier refunds, fake
cures and vaccines, and fake testing kits.
In the US, Americans will be getting stimulus
checks in Q2, but the FBI warns hackers will
be capitalizing on this to steal information via
phishing emails. They indicated that in no way will
any government agency be reaching out over email
for personal information.
7Protecting your home network from cyber attacks | wiredscore.com
HOW TO PROTECT YOURSELF FROM PHISHING WEBSITES AND EMAILS?
• Check the content of an email, look for
misspelled words and closely examine the return
address. Typically these emails will be especially
vague or general.
• Don’t open unknown attachments or click on
links within the emails or text messages.
• Beware of lookalike domains, double check that
you are on a secure website with the correct
URL before entering passwords or personal
information.
Now you know how to protect yourself from cyber attacks that we can typically see and identify, but what about those attacks we can’t?
• Go to the domain of the senders email address to
help verify the legitimacy.
• Example: [email protected]
WiredScore.com is a real site.
8 | Protecting your home network from cyber attacks wiredscore.com
HOME NETWORK SECURITY
Unfortunately, there isn’t just one tool in the hacker
toolkit, and the more sophisticated attackers will
target the actual networks we connect to, rather
than use websites or emails. By nature, our home
networks don’t have the same security that would be
in place in a corporate environment and hackers are
looking to exploit that vulnerability.
Here are simple actions you can take to improve the security of your Home network:
How to secure your router and Wi-Fi
Since the beginning of March, there has been an
increase on attacks on home routers.
Attackers are “brute forcing” to get into our
networks, which means they are running software
that will try thousands of password combos
until they break in.
Attackers are “brute forcing” to get into our networks, which is basically running software that will try
thousands of password combos until they break in.
Once in, they are changing our router settings to
automatically route us to phishing sites like the
ones we just explained.
9Protecting your home network from cyber attacks | wiredscore.com
FOUR EASY STEPS TO SECURE YOUR HOME NETWORK
1. Change the default password on your router and Wi-Fi:
If you are like most of us, you are using a router
supplied by your ISP and have never changed the
default password or Wi-Fi info, which is a major
security flaw. Most of these passwords are easily
broken, and there’s even a website dedicated too
default router passwords to help people who
can’t access it - this is candy for cybercriminals.
Most routers have the ability to be accessed
via a webpage, but check your ISPs website for
instructions for accessing yours, most should look
something like this:
• When you open an internet browser, you will need
to visit a website based on a string of numbers. This
is often printed on the back of the router and will be
something like https://192.168.1.1• Login to your router with the router’s admin
password (on the back of your router).• The user name is admin. You can find the default
router administrator password on your router label.
• Replace the current admin password with a new
one that’s strong and easy for you to remember.
Follow your router on-screen or user guide detailed
instructions.
• Now do the same for your Wi-Fi password (pick
one different than the previous). Set up a strong
password by picking a long, unique mix of numbers,
letters and symbols. Your password should be 12 or
more characters (don’t forget to log back in on all of
your devices connected to Wi-Fi).
• While still in your router, proceed to steps 2 & 3.
10 | Protecting your home network from cyber attacks wiredscore.com
2. Keep your router’s firmware up to date
Once logged into your router (See Step 1 above),
ensure there aren’t any pending software updates.
Most routers will download these automatically,
but many older devices will require a manual
update. Be sure to download the latest software.
3. Disable WPS
WPS allows you to quickly and easily connect
your Wi-Fi router to your devices (e.g. a cell
phone) either via a button on the router or a pin
code printed on a sticker. A serious vulnerability
was found in many ISP vendor implementations
of WPS years ago that allows hackers to break into
networks, it also gives anyone with physical access
to your router the ability to connect.
Because it’s hard to determine which specific
router models and firmware versions are
vulnerable, it’s best to simply turn off this feature if
possible, which can be done while logged into your
router. Searching in Google “turn off WPS <ISP
provider name>” should explain exactly how if it’s
not immediately obvious.
4. Enable the latest security
Under Security Options or a similar section
in your router, make sure the security for your
network is set to WPA2-PSK [AES] or the highest
available setting. WPA2-PSK [AES] is currently
the strongest level available for home wireless
networks.
11Protecting your home network from cyber attacks | wiredscore.com
HOW TO SECURE YOUR DEVICES?
1. Keep your connected devices up to date
Having a secure router is great, but it’s useless if
you’ve put off a Windows or iOS software update
for the last two years. Any device connected to
your network can serve as a backdoor into all of
your devices. Install security patches and updates
as recommended by your computer’s operating
system (Windows or macOS) and mobile devices,
as all of these manufacturers constantly patch
newly exposed security flaws. If you’re not sure
how, simply Google search “How to update
software <windows or mac>”.
12 | Protecting your home network from cyber attacks wiredscore.com
2. Enable the firewall on your desktop and laptop
A firewall is a security feature designed to help
protect your computer and personal data from
unauthorized access and alert you to immediate
threats. Most devices now come with built-in
firewalls and they just need to be enabled. See
below depending on your device:
a. On a Mac, choose Apple menu > System
Preferences, click Security & Privacy, then
click Firewall. ... Click Firewall Options. If the
Firewall Options button is disabled, first click
Turn On Firewall to turn on the firewall for
your Mac.
b. For Windows, in the Cortana search box, enter
Firewall. Click Windows Firewall in the search
results. In the Windows Firewall window that
appears, make sure that Windows Firewall is on.
If it isn’t, click the Turn Windows Firewall On or
Off link in the left pane of the window.
3. Smart Home and Streaming securely
Most IoT (Internet of Things) devices and
streaming devices (e.g Roku, Fire TV Stick, Apple
TV) also have a default password that is just a
Google search away. We strongly recommend
updating passwords on all of these devices using
your user manual, and also confirm that firmware
updates are set to auto in the settings.
It’s also considered a best practice to connect these
devices to a separate “Guest Network” in your
router to keep them separate from your phones and
computers, which will have more personal data.
13 | Protecting your home network from cyber attacks wiredscore.com
Wired Certification is the internationally recognized rating
system that helps landlords design and promote their
buildings’ great digital connectivity to tenants.
Employees working in Wired Certified buildings benefit
from knowing their businesses are supported by the latest
in in-building technology and digital connectivity.
If you’re a landlord or tenant interested in learning about
getting your building Wired Certified, schedule a call with
our team by clicking the button below.
CONTACT US
• How to protect yourself from cyberattacks when working from home during COVID-19
• Governments experience surge in cyberattacks
• Zoom Domains Targeted by Hackers, as Use Surges with COVID-19
• COVID-19 Cyber Threats: Hackers Target DNS Routers, Remote Work
• COVID-19 Phishing Schemes Escalate; FBI Issues Warning
Need more information to answer
14Protecting your home network from cyber attacks | wiredscore.com
Content clarification: This article is written
for home users and clients with basic internet
requirements. Many of our clients are using
VPNs to connect to corporate networks, which is
where the biggest risk lies currently. This could
be a separate article regarding considerations for
accessing your work network securely or add-in
here; I was just cognizant of length.
Author: John Meko, Director of Engineering, North
America, WiredScore