As most businesses implement Work From Home capabilities, American Cyber Security Management (ACSM) wants to remind the workforce that security best practices still need to be followed. We recommend some basic efforts to help keep your systems secure while at home or working remotely.
During this pandemic, threat actors have ramped up their efforts to compromise emails, gain inappropriate access, and provide misleading information. Our own clients have seen a noted increase in phishing emails recently. We are also seeing U.S. national systems experience an increase of attacks.
Even the US Health and Human Services website was compromised: (https://www.infosecurity-magazine.com/news/us-health-department-hacked/).
Here are some basic precautions you can take while working at home:
- Change the Default Password on your home router.
- Be sure to use a complex password of 10+ characters
- Also, specifically, if you are an Xfinity/Comcast user, be sure to disable the “Xfinity” default SSID. This default configuration broadcasts an Xfinity SSID and allows any Xfinity user to login to the access point through their Xfinity account and utilize your wifi system.
- Continue to be diligent in not clicking on URL links in your emails. More phishing emails will be experienced during this time and employees need to be wary of the increase in this activity.
- Once again, always discuss requests that come for “movement of funds”. Threat actors will continue to try to persuade employees to move and re-allocate company funds to a false account, especially for currently sensitive services like company travel or healthcare-related costs (e.g., facilities sanitation)
- Ensure the request is legitimate
- Check with the requestor directly – Video Conf, phone call
- Utilize fax numbers if you believe the email has been compromised.
- When responding to emails, ensure correct emails are used. Just do a quick double-check that you are sending emails to the correct person. Check for malicious/false emails that may have been added to the email list.
Additional precautions recommended by the Center for Internet Security are (https://www.cisecurity.org/blog/5-network-security-remedies-for-telework/):
- Practice smart password management and enable two-factor authentication (2FA) wherever possible.
- This includes accessing the administrative router/modem, Internet Service Provider (ISP) web portal, or a mobile app used for home network management. Anyone with the ability to access these platforms may be able to access sensitive information traversing the home network and modify critical security settings within the network.
- Enable automatic updates for all routers and modems.
- Software updates are extremely important as new security flaws are constantly discovered. Simply installing updates from the device manufacturer mitigates many of these problems. This is best accomplished by enabling “auto-update” with the device’s administration page.
- Turn off WPS and UPnP.
- Wireless Protected Setup (WPS) was initially designed as a user-friendly method for new devices to connect to a WiFi network. Unfortunately, it’s been found to allow attackers to connect to WiFi networks without permission. Universal Plug and Play (UPnP) is a network protocol suite that allows devices on a network to easily communicate but has been found to contain numerous and severe security flaws. Getting these two settings correct can have a large positive impact on home network security.
- Turn on WPA2 or WPA3.
- Old and ineffective types of cryptography plague older network devices. Ensuring strong forms of cryptography are in use within home networks can thwart others from viewing sensitive information without authorization. At a minimum, configure WPA2 for home use.
- Configure the router, or modem, firewall.
- Firewalls help prevent malicious network traffic attempting to enter a network from reaching specific devices. Firewalls generally come built-in to most home routers but they must be properly enabled.
American Cyber Security Management is a leader in data privacy, cybersecurity, and secure DevOps. Our mission is to help enterprises protect their data from internal and external threats. We offer on-demand assessment, implementation, and sustainability services that focus on GDPR readiness and compliance, risk reduction and mitigation, and application reliability, integrity, and security. https://www.americancsm.com