The New Normal: Securing Your Work-From-Home Environment

MIKA DEVONSHIRE

DFIR Specialist

linkedin.png

Subscribe Here to receive Blackpanda thought leadership, webinar invitations, and cyber intelligence direct to your inbox.

Your office is a fortress. You protect it with firewalls, anti-virus, backup power supplies, corporate policies, and a team of dedicated IT security professionals. These same layers of security and personnel in place at work are (most likely) not present in your home. 

With more companies issuing indefinite work-from-home orders, we seem to have entered a new normal. Although working from home has its benefits, it also increases your exposure to a cyber attack. 

 

The threat landscape now extends to your home network. 

 

The following are some simple but effective tips for helping you and your workforce protect your digital assets while working outside the security of your office. 

Securing Your Network Connection

Your home router is the gateway to the outside world for all of your connected devices—laptops, mobile phones, smart TVs, AI assistants, etc.  Everything you own that is connected to the Internet is a potential point of entry for attackers. Are you aware of how many devices are connected to your network right now?

 

Is your router secure? What’s the worst that could happen if it isn’t?

 

For starters, unauthorized users can disable your router’s security and begin stealing personal information without you knowing. BotNet attacks can hijack an unsecured router to saturate your bandwidth and launch subsequent attacks. “Signal Surfers” can log in from just down the hallway using your easy-to-guess password, creating their own network using YOUR router.

 

But the risks go far beyond piggy-backing neighbors slowing down your connection speeds. Unauthorized users can also use your unsecured router to mask their own identity, committing serious crimes in YOUR name (or at least attributable to your gateway’s IP address).

 

When was the last time you updated your router? Have you never changed the default “Admin/Password” combination that controls your whole Wi-Fi router?

 

Updating your home router is simple – it takes just a few minutes and can protect your home network from a number of critical vulnerabilities.

 

Secure your home router by following these simple steps:

 

  1. Look up your router model online to determine your router’s central login address (e.g., “192.168.1.1” or “routerlogin.net”)

  2. Enter your router’s login address into your web browser

  3. Log in with the default username and password (usually both ‘admin’ or ‘admin/password’ - also searchable on the internet)

  4. Go to settings and select ‘Change Router Password’ (or similar)

  5. Enter your new password

  6. Save settings


Once logged in, you should also check to see if there are any firmware updates available, install them, and enable “automatic updates” if not already selected.

 

After logging in, you can also see what devices are connected to your router. Do you recognize all of them? For added security, consider starting an asset inventory to keep track of all authorized and any unauthorized connections. 

 

Like account passwords, you should also change your Wi-Fi network passwords on a regular basis. Create a separate network or VLAN for “work” devices to separate them from your family’s many IoT, tablets, and non-business critical devices to further secure your network. 


Other things you can do to secure your network connection include using a reputable VPN when connecting to public Wi-Fi, closing and terminating any Remote Desktop Protocol (RDP) or remote access sessions when finished, and updating your antivirus software regularly.

Separating Browsers for Work & Play

The ideally secure work-from-home office space would be off-limits to family and friends. That network would have a dedicated computer and network segment for work only, and even its own Internet connection. However, this is not always possible. With budgets tightening, companies may ask employees to use their own devices.  Naturally, this means that people will be more likely to use a single device for both work and personal activity.  

 

If you find yourself in this predicament, there are a couple of tips to greatly reduce the exposure to cyber threats.  One of these is to ”silo” your web browsing activities – one browser for work, and one for personal.  There are some cyber attacks that take advantage of the way web browsers store user information, field values, and even passwords. For example, if Chrome is your work browser and Mozilla Firefox is your personal browser, then it is more difficult for an attacker to leap from one to the other to gather data. By creating two silos, you reduce exposure. 

 

Another simple practice that should become a habit is clearing your cookies and cache frequently. By doing so, you delete all saved information (like passwords) and help prevent websites from tracking you.

 

For your dedicated “work browser” you can also explore privacy-enhancing extensions and add-ons. Be sure to research any add-on solutions before you install, and recognize that some may (thankfully) block plugins such as javascript, flash, and other known vulnerable extensions.

Anti-Phishing Awareness

Phishing attacks aren’t only found in emails – you can be phished through a text message, phone call, or even Facebook. Your spam filters are usually not sharp enough to keep you safe from all forms of phishing. Especially when working from home, remain vigilant, and look for unusual characteristics. 

 

For example: Do you know the sender? Can you see the full, original email header and verify the address? Does the language in the email read smoothly and sound normal? Is there a legitimate reason to click, download, or open a link or attachment? If the answer to the above is no, then assume it is a phishing email. Flag it as spam, delete it, and most importantly do NOT forward it to your coworkers, but to a dedicated security team member. If you need to inform someone else, take a screenshot and send it as a separate email or through another channel.

 

For any calls to action, visit the official page, and avoid accessing them through notifications or links sent to you unless you can verify the request. You owe attackers nothing.

--


We will be working from home for the foreseeable future. You need to keep you and your environment safe. Do not become a cautionary tale. Reach out to us via our website at www.blackpanda.com or email us at hello@blackpanda.com to learn more about digital forensics and incident response, and other ways of improving your security posture.

Additional Resources

Interested in speaking to a DFIR specialist? 

Services

Additional Resources

Copyright © 2020 Blackpanda.
All Rights Reserved.

HONG KONG

Room 37, Level 5, Core F

Cyberport 3,

100 Cyberport Rd

Hong Kong

+852 6975 1099

PHILIPPINES

Penthouse, World Plaza Bldg.

5th Ave., Bonifacio Global City

Taguig City 1634

+63 2 8250 6110

JAPAN

301, 2-7-18

Nishiazabu Minato-ku

Tokyo 106-0031

+81 80 2077 9824

MALAYSIA

D1-U3A-6 Solaris Dutamas

Jalan Dutamas 1

50480 Kuala Lumpur

+60 3 6206 2582

SINGAPORE

3 Church Street

#25-01, Samsung Hub

Singapore 049483

+65 6692 9110

  • LinkedIn
  • Facebook
  • Twitter