By: Michael Jervis
October has been designated National Cyber Security Awareness Month by the Department of Homeland Security, and in the first week of the month we are focusing on developing good cybersecurity habits in our most personal spaces – our homes. Most of us are aware that in the age of nearly ubiquitous WiFi, as well as the near-constant presence of mobile phones, the cyber world extends into our living rooms, bedrooms and kitchens. Anywhere the internet reaches, so do the cyber threats. The seemingly constant stream of news about cyber threats and attacks can seem daunting, but there are several things we can all do in as little as a few hours that will go a long way to staving off many of the most common threats.
- Be aware of which devices in your home are connected to the outside world. An increasing number of consumer products are internet enabled – i.e. part of the “Internet of Things” (IoT). These include refrigerators that will order replacement groceries when the ketchup runs low, washers and dryers that send a text message when laundry is done, and baby monitors and security systems that can stream audio and video across the internet at any time. These devices are a common attack point for cyber criminals as a launching pad for other intrusions. In fact, one of the largest ever hacker-created internet disruptions was launched from a “botnet” of compromised IoT devices. So, one of the easiest things we can do to keep our homes safe from cybercrime is simply being aware of which devices in our home are internet capable. If the connectivity functions are not being used, simply disconnect the device. Check the device’s manual for steps on how to turn off that functionality. If the connectivity features are being used, make sure the device is secured. Which leads to the next tip…
- Set unique passwords. One of the most common, but also most easily fixed, problems with internet connected devices is a failure to reset default passwords. For many, the most unsettling example of this vulnerability is the phenomenon of baby monitors being accessed remotely by unauthorized users and used, essentially, as a spycam. One way in which this violation of privacy has been accomplished by hackers is simply using factory-set default passwords which are never changed by users. The easy act of changing a default password to a unique one known only by you closes one of the most vulnerable points of entry into your home.
- Install software updates. It is easy to tire of being asked to install the updates for apps or the firmware for devices. However, these updates often contain important fixes for potential or actual security flaws. The massive and devastating Equifax data breach in 2017 resulted from the exploitation of a security flaw which had been identified and fixed prior to the attack, but for which the software update was not installed. If a failure to install an update can allow hackers to sneak into a huge corporation, it can just as easily allow them to sneak into our homes as well.
- Make sure internet routers/WiFi access points are secure. A router or access point is the internet’s gateway into your home. No matter how secure your other individual devices are, it doesn’t matter if you leave the door unlocked, and the same goes for the router. Some of the most widespread vulnerabilities reported in recent years have involved common consumer routers. As a starting point, apply the same advice above to your router – apply unique passwords and keep its firmware updated. This guide offers additional steps you can take to secure your router.
- Talk to your kids about online security. A chain is only as strong as its weakest link, so keeping your home secure requires everyone’s involvement. Bring your children up to speed on the important cyber security measures discussed here and available online. These lessons ensure your family members won’t defeat your security efforts by inadvertently connecting an unsecure toy to your network or resetting a device back to a default password.