Tuesday, 11th August 2020

The Art of Self Defence: Why it’s time to practice cyber distancing

By Tim Bandos, VP Cybersecurity, Digital Guardian.

In recent weeks, the majority of the workforce has undergone a titanic shift from being office based to working remotely from home. For many, this will have been their first experience as a full-time virtual worker. One that has required them to adapt fast to the new normal.

While working from home has some upsides – including a welcome break from the daily commute – there’s no denying it comes with its own unique set of challenges. Everything from having to embrace new ways of collaborating with colleagues, to staying engaged with the job in hand when family members are demanding time and attention.

In this brave new world, the lines between our professional lives and everyday living can quickly blur. Work devices get used for personal activities, like online shopping – while personal devices get used late in the evening to quickly check work emails.

Unfortunately, these behaviours can open the door for hackers. Giving them new, potentially unprotected avenues to steal sensitive data or access vulnerable company networks.

Practicing the art of cyber distancing

Just as social distancing plays a key role in halting the spread of COVID-19, establishing a safe distance between our home and work lives from a digital perspective is paramount. Cybercriminals are taking advantage of the current situation, exploiting the fact that working from home means people’s guards are down. That makes people more prone to clicking on a link in a malicious email, especially if the link promises new information on the ongoing pandemic.

But that’s not the only issue. Not all remote working setups are created equal. While some home networks may feature industrial-strength next generation firewalls and two-factor WiFi authentication, others will be much more vulnerable. That’s especially true when employees are using a router provided for free by their internet provider five years ago – and have not changed the default password and settings it came with.

This poses a significant risk to both the enterprise and every individual who now finds themselves working from home.

Simple steps for boosting home network security

Staying safe at home now, more than ever, depends on everyone practicing some basic cyber security skills. Fortunately, there are a number of simple steps that everyone can implement from the comfort of their home to boost their security position.

Changing the default administrative password on the home router should be the top priority. This can be done by accessing the router homepage, which is usually reached by typing either http://192.168.1.1 or http://192.168.0.1 into your web browser’s navigation bar.

Once here, the next task is to set a strong password for accessing the home Wi-Fi network with WPA2 encryption. Aim for a password that is 20+ characters in length and features numbers, letters and symbols.

Next, check that the remote access setting is disabled to ensure the Wi-Fi network’s SSID (network name) is not being broadcast to neighbours or anyone in the vicinity of the property. Finally, check the router firmware; routers typically do not come with an auto-update feature, so it’s a good idea to review it every six months or so to ensure the firmware stays free of potential flaws and vulnerabilities.

Lastly, check and harden any connected IoT devices, like webcams. These smart devices often come with weak default credentials and custom ports that can open up gaping holes in the home network. Update passwords with something complex and modify the default ports each device listens to. This will require something called Port Forwarding on the router.

Maintain security best-practice behaviours

The primary attack vector for COVID-19 themed attacks has been via phishing emails that prey on people’s fears. Since the crisis began, there has been a massive uptick in campaigns that are using messaging around the pandemic to the advantage of cybercriminals.

To avoid letting uninvited guests in, everyone needs to be hypervigilant and modify their online behaviours to incorporate security best practice. This includes never clicking on suspicious email links and attachments. Similarly, always validate the full sender’s email address – emails may appear to come from the CEO or CFO of a company but are actually being sent from a @yahoo or @gmail account, and not an internal work account.
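The sender check described above can be automated on the mail side. The following is an added example, not part of the original article: it reads the real address from the From header and flags a free webmail sender or an executive's name on a non-work address. The work domain, the webmail list, the executive names and the sample messages are all constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed values for illustration; none of these come from the article.
WORK_DOMAIN = "example.com"
FREEMAIL_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
EXECUTIVE_NAMES = {"jane doe", "john roe"}  # constructed CEO / CFO names


def is_internal(domain: str) -> bool:
    """True for the work domain itself or one of its subdomains."""
    return domain == WORK_DOMAIN or domain.endswith("." + WORK_DOMAIN)


def check_sender(raw_message: str) -> list:
    """Return findings based on the full address, not the display name."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    _, at, domain = address.rpartition("@")
    domain = domain.lower()
    if not at or not domain:
        return ["no-sender-address"]
    findings = []
    if domain in FREEMAIL_DOMAINS:
        findings.append("freemail-sender")
    # The display name is free text chosen by the sender, so a familiar
    # name only counts when the address behind it is a work address.
    claims_exec = any(name in display.lower() for name in EXECUTIVE_NAMES)
    if claims_exec and not is_internal(domain):
        findings.append("executive-name-on-external-address")
    return findings


# Constructed sample messages; only the From header matters here.
SAMPLES = {
    "internal": "From: Jane Doe <jane.doe@example.com>\nSubject: Q3\n\nHi",
    "spoofed": "From: Jane Doe <jane.doe.office@gmail.com>\nSubject: Urgent\n\nHi",
    "lookalike": "From: John Roe <john.roe@notexample.com>\nSubject: Invoice\n\nHi",
    "no_from": "Subject: Hello\n\nHi",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, check_sender(raw))
```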

Finally, everyone should be suspicious of any email requesting personal data; the government is not going to send you an email requesting personal financial information. Similarly, watch out for scare tactics from criminals posing as a bank or online service provider.

Wherever possible, staying connected to the work environment via a VPN will add a further security layer to the home network. If personal laptops are being used for work, users will need to keep these fully patched and should consider installing a credible antivirus solution for added protection.

Keeping people and networks safe

The security risks associated with remote working aren’t new. But the sheer number of people now working out of their kitchens and dining rooms has ramped the potential threat risk to an unprecedented level.

By practicing the art of cyber distancing and applying some common sense, we can all take steps to protect ourselves from becoming the next cyberattack victim – and keep the sensitive data of the companies we work for safe.

BIO:

Tim Bandos, VP Cybersecurity, Digital Guardian

Tim Bandos, CISSP, CISA is Vice President of Cybersecurity at Digital Guardian and an expert in incident response and threat hunting. He has over 15 years of experience in the cybersecurity realm at a Fortune 100 company with a heavy focus on Internal Controls, Incident Response & Threat Intelligence. At this global manufacturer, he built and managed the company’s incident response team. Tim has a wealth of practical knowledge gained from tracking and hunting advanced threats targeted at stealing highly sensitive data.
