WIREDSCORE’S GUIDE ON...

PROTECTING YOUR HOME NETWORKf r o m c y b e r at ta c k s

2 | Protecting your home network from cyber attacks wiredscore.com

WI R E DSCOR E’S G U I DE ON.. . P R O T E C T I N G Y O U R H O M E N E T W O R K

There’s no honor among thieves. Such is the case even in the midst of an international health crisis.

As we’ve all made the shift to remote work, remote

education, and social distancing to stem the spread

of Covid-19, cybercriminals have opportunistically

sprung into action to capitalize on our collective

reliance on connectivity.

While corporations and educational institutions

have the ability to mitigate the risk of attacks

on their network when users are on premise,

remote access opens up an entirely new world of

vulnerability that all are still grappling with.

f r o m c y b e r a t t a c k s

Follow the simple advice in this guide and protect yourself and your privacy.

In this short guide we will explain what type of

attacks are common among work from home

employees during Covid-19.

But do not be alarmed. There are simple steps

you can take today to protect yourself from

opportunistic cyber criminals.

In the second part of this guide we will show you

exactly what you need to do to stay protected.

3Protecting your home network from cyber attacks | wiredscore.com

COMMON TYPES OF CYBER ATTACKS DURING COVID-19

Over the past several weeks, we’ve seen a massive

uptick in cybercrime from social engineering,

phishing, and brute force attacks into our home

networks.

Hackers are shameless and will sink to any means

to obtain your data, this only increases when we

are distracted by world events, with even the World Health Organization being attacked in March.

90% of cyber-attacks start with a phishing

campaign, and hackers are adapting their

methods to take advantage of more people

working from home.

90% of cyber-attacks start with a phishing campaign, and hackers are adapting their methods to

take advantage of more people working from home.

Here are the common ways phishing is used to

steal your personal information:

Phishing Websites

These websites are created to get users to visit

them by mistyping a website name or clicking on a

link that looks similar to a genuine website.

4 | Protecting your home network from cyber attacks wiredscore.com

During a crisis like Covid-19, hackers will increase

the volume of these attacks by registering as

many domains as possible with keywords that are

searched.

• According to the software firm Checkpoint, since the beginning of 2020, there has been a

substantial increase in new domain registration

names that include “Zoom”, the video

conferencing software of choice. Since January

this year, there has been in excess of 1,700

new registered domains with some variation of

‘Zoom’, and 25 percent of those were registered

during the 2nd week of April alone. Seem

suspicious?

A phishing website tries to steal your passwords or other confidential information by making you think it’s a

genuine and secure website.

• Google also saw a 350% increase in phishing

websites looking to capitalize on our desire for

information, posing as health organizations,

charities, and research institutes. In January

2020, there were a total of 149,195 active

Covid-19 related phishing sites. This number

leaped 100 % to 293,235 in February and

nearly doubled again by March, totalling

522,495 registered Covid-19 phishing sites.

5Protecting your home network from cyber attacks | wiredscore.com

Phishing Emails

If you want to see what these look like, check your

Spam folder! We’ve all seen these, they are usually

poorly written, sometimes from someone we know,

and try to get us to download an attachment to

launch malware onto your computer.

What’s the problem then if my Spam folder

captures them all?

Unfortunately many do get past your spam, and

hit your inbox. Cybercriminals get smarter all the

time and email providers need to continually play

catch up.

6 | Protecting your home network from cyber attacks wiredscore.com

There are several types of phishing emails you should be looking out for:

Company Info: Cybercriminals are targeting

remote employees with company messages that

notify workers of a positive Covid-19 test within

their organization. The messages contain malicious

attachments disguised as protocols that the

company is undertaking as well as a “flyer” that

recipients are asked to open, read and print out.

Government and Covid-19 Related Info: There has been a large uptick in attempts

from emails sent from seemingly legitimate

organizations, to ask for charitable contributions,

general financial relief, airline carrier refunds, fake

cures and vaccines, and fake testing kits.

In the US, Americans will be getting stimulus

checks in Q2, but the FBI warns hackers will

be capitalizing on this to steal information via

phishing emails. They indicated that in no way will

any government agency be reaching out over email

for personal information.

7Protecting your home network from cyber attacks | wiredscore.com

HOW TO PROTECT YOURSELF FROM PHISHING WEBSITES AND EMAILS?

• Check the content of an email, look for

misspelled words and closely examine the return

address. Typically these emails will be especially

vague or general.

• Don’t open unknown attachments or click on

links within the emails or text messages.

• Beware of lookalike domains, double check that

you are on a secure website with the correct

URL before entering passwords or personal

information.

Now you know how to protect yourself from cyber attacks that we can typically see and identify, but what about those attacks we can’t?

• Go to the domain of the senders email address to

help verify the legitimacy.

• Example: sender@wiredscore.com

WiredScore.com is a real site.

8 | Protecting your home network from cyber attacks wiredscore.com

HOME NETWORK SECURITY

Unfortunately, there isn’t just one tool in the hacker

toolkit, and the more sophisticated attackers will

target the actual networks we connect to, rather

than use websites or emails. By nature, our home

networks don’t have the same security that would be

in place in a corporate environment and hackers are

looking to exploit that vulnerability.

Here are simple actions you can take to improve the security of your Home network:

How to secure your router and Wi-Fi

Since the beginning of March, there has been an

increase on attacks on home routers.

Attackers are “brute forcing” to get into our

networks, which means they are running software

that will try thousands of password combos

until they break in.

Attackers are “brute forcing” to get into our networks, which is basically running software that will try

thousands of password combos until they break in.

Once in, they are changing our router settings to

automatically route us to phishing sites like the

ones we just explained.

9Protecting your home network from cyber attacks | wiredscore.com

FOUR EASY STEPS TO SECURE YOUR HOME NETWORK

1. Change the default password on your router and Wi-Fi:

If you are like most of us, you are using a router

supplied by your ISP and have never changed the

default password or Wi-Fi info, which is a major

security flaw. Most of these passwords are easily

broken, and there’s even a website dedicated too

default router passwords to help people who

can’t access it - this is candy for cybercriminals.

Most routers have the ability to be accessed

via a webpage, but check your ISPs website for

instructions for accessing yours, most should look

something like this:

• When you open an internet browser, you will need

to visit a website based on a string of numbers. This

is often printed on the back of the router and will be

something like https://192.168.1.1• Login to your router with the router’s admin

password (on the back of your router).• The user name is admin. You can find the default

router administrator password on your router label.

• Replace the current admin password with a new

one that’s strong and easy for you to remember.

Follow your router on-screen or user guide detailed

instructions.

• Now do the same for your Wi-Fi password (pick

one different than the previous). Set up a strong

password by picking a long, unique mix of numbers,

letters and symbols. Your password should be 12 or

more characters (don’t forget to log back in on all of

your devices connected to Wi-Fi).

• While still in your router, proceed to steps 2 & 3.

10 | Protecting your home network from cyber attacks wiredscore.com

2. Keep your router’s firmware up to date

Once logged into your router (See Step 1 above),

ensure there aren’t any pending software updates.

Most routers will download these automatically,

but many older devices will require a manual

update. Be sure to download the latest software.

3. Disable WPS

WPS allows you to quickly and easily connect

your Wi-Fi router to your devices (e.g. a cell

phone) either via a button on the router or a pin

code printed on a sticker. A serious vulnerability

was found in many ISP vendor implementations

of WPS years ago that allows hackers to break into

networks, it also gives anyone with physical access

to your router the ability to connect.

Because it’s hard to determine which specific

router models and firmware versions are

vulnerable, it’s best to simply turn off this feature if

possible, which can be done while logged into your

router. Searching in Google “turn off WPS <ISP

provider name>” should explain exactly how if it’s

not immediately obvious.

4. Enable the latest security

Under Security Options or a similar section

in your router, make sure the security for your

network is set to WPA2-PSK [AES] or the highest

available setting. WPA2-PSK [AES] is currently

the strongest level available for home wireless

networks.

11Protecting your home network from cyber attacks | wiredscore.com

HOW TO SECURE YOUR DEVICES?

1. Keep your connected devices up to date

Having a secure router is great, but it’s useless if

you’ve put off a Windows or iOS software update

for the last two years. Any device connected to

your network can serve as a backdoor into all of

your devices. Install security patches and updates

as recommended by your computer’s operating

system (Windows or macOS) and mobile devices,

as all of these manufacturers constantly patch

newly exposed security flaws. If you’re not sure

how, simply Google search “How to update

software <windows or mac>”.

12 | Protecting your home network from cyber attacks wiredscore.com

2. Enable the firewall on your desktop and laptop

A firewall is a security feature designed to help

protect your computer and personal data from

unauthorized access and alert you to immediate

threats. Most devices now come with built-in

firewalls and they just need to be enabled. See

below depending on your device:

a. On a Mac, choose Apple menu > System

Preferences, click Security & Privacy, then

click Firewall. ... Click Firewall Options. If the

Firewall Options button is disabled, first click

Turn On Firewall to turn on the firewall for

your Mac.

b. For Windows, in the Cortana search box, enter

Firewall. Click Windows Firewall in the search

results. In the Windows Firewall window that

appears, make sure that Windows Firewall is on.

If it isn’t, click the Turn Windows Firewall On or

Off link in the left pane of the window.

3. Smart Home and Streaming securely

Most IoT (Internet of Things) devices and

streaming devices (e.g Roku, Fire TV Stick, Apple

TV) also have a default password that is just a

Google search away. We strongly recommend

updating passwords on all of these devices using

your user manual, and also confirm that firmware

updates are set to auto in the settings.

It’s also considered a best practice to connect these

devices to a separate “Guest Network” in your

router to keep them separate from your phones and

computers, which will have more personal data.

13 | Protecting your home network from cyber attacks wiredscore.com

Wired Certification is the internationally recognized rating

system that helps landlords design and promote their

buildings’ great digital connectivity to tenants.

Employees working in Wired Certified buildings benefit

from knowing their businesses are supported by the latest

in in-building technology and digital connectivity.

If you’re a landlord or tenant interested in learning about

getting your building Wired Certified, schedule a call with

our team by clicking the button below.

CONTACT US

• How to protect yourself from cyberattacks when working from home during COVID-19

• Governments experience surge in cyberattacks

• Zoom Domains Targeted by Hackers, as Use Surges with COVID-19

• COVID-19 Cyber Threats: Hackers Target DNS Routers, Remote Work

• COVID-19 Phishing Schemes Escalate; FBI Issues Warning

Need more information to answer

14Protecting your home network from cyber attacks | wiredscore.com

Content clarification: This article is written

for home users and clients with basic internet

requirements. Many of our clients are using

VPNs to connect to corporate networks, which is

where the biggest risk lies currently. This could

be a separate article regarding considerations for

accessing your work network securely or add-in

here; I was just cognizant of length.

Author: John Meko, Director of Engineering, North

America, WiredScore