How to fortify your home office security against modern-day attacks

(Image credit: Gpointstudio / Shutterstock)

The “original” home office network consisted of one, maybe two, PCs or laptops connecting to the internet. Now, there’s a wireless network connecting any number of devices, including PCs, laptops, smart phones, tablets, TVs, smart home assistants, gaming consoles, IoT-enabled appliances – the list goes on and on – to the internet. 

While security risks always existed, home office networks today are far more complex than ever before and more vulnerable to prevalent and sophisticated attacks than it may appear. 

It’s estimated that in 2016, nearly half of Americans spent at least some time working remotely, and nearly a quarter of workers performed some or all of their work at home. These remote offices are attractive to cyber-attackers because they sit at the network edge. In fact, unsecured remote access was found to be the number one cause of business data breaches, according to one 2016 study. 

Weaknesses in remote and home offices often include improperly configured security devices and programs and a lack of proper network security solutions that include firewall, VPN, IPS, web and email protection.    

Remote and home office networks can be susceptible to the same attacks as business networks: malware, ransomware and even distributed denial of service (DDoS). Malware attacks typically come in the form of a computer virus or worm, delivered via an email or document that’s been shared. 

Modern malware can spread and hide out among files on a host computer, and often capitalizes on specific security holes in an operating system or application, or on improperly configured systems. Ransomware is also spread as a virus or worm, but it hijacks a computer and demands payment before releasing it.

Earlier this year, a massive malware attack called WannaCry hit more than 200,000 computers in 150 countries, and loss estimates from the attack ranged from hundreds of millions to several billion dollars. A short time later, Petya hit. An attack characterized as wiper malware, Petya’s aim was to destroy systems and data, and it seriously disrupted systems at large firms in Europe and the United States. 

DDoS attacks may not be directly targeting a home office network, but cybercriminals can surreptitiously use compromised routers in DDoS attacks or as part of a rented botnet that other nefarious actors pay to use. Remote users unwittingly involved typically don’t realize the attack because there’s only minimal impact on bandwidth resources. 

But the effects of a DDoS can be widespread. In late 2016, it was a high-profile cybersecurity attack that used internet-enabled cameras as launching pads for a DDoS that ultimately took down a number of websites, including Twitter, Netflix, Pinterest.     

Home office routers are often the entry point for cybersecurity attacks. Their passwords are often weak; many still use the factory settings, the “admin” user ID, and hackable, weak passwords.

So, how to prevent becoming a victim of a cybersecurity attack? What are the key elements and best practices of a secure remote or home office network? 

The first order of business: use antivirus software and a firewall, and keep both updated. Antivirus software is readily available and easy to install; subscription-based solutions can be found online and downloaded. The best programs run in the background automatically, update themselves to protect against the latest threats, including harmful downloads and threats embedded in USB drivers, and protect all the versions of every device on the network.    

Firewalls add another level of protection. For years, most were too difficult or expensive for the home user. Now, there are stand-alone firewalls that are easy to use and cost-effective, can supplement any firewall mechanism that may be embedded in your PCs and laptops, and can include antivirus software.   

Many remote and home office users also currently lack visibility into and control over what’s happening on their network, which is another critical element to effectively protecting what still are often relatively complex networks. 

There are, however, still things individuals can do to protect their personally identifiable information and browsing history: 

  • Use HTTPS - HTTPS (HTTP over SSL), which can obscure the specific pages someone visits.  
  • Be wary of plugins which may be collecting your browser history and selling the data to third parties. Always review both the end user license agreement (EULA) and permissions that the plugin requires.  
  • Utilize a VPN, or virtual private network, which creates a secure, encrypted tunnel between a device or even an office location and a private server located elsewhere. This blocks anyone from viewing or modifying your internet traffic. While this doesn’t provide total anonymity, ISPs can still see the connection to the VPN service—the browsing data won’t be available to third parties.

Dirk Morris is founder & chief product officer at Untangle.  He founded the company in 2003, prior to which he was Chief Architect at Akheron Technologies, where he invented patent-pending High Bandwidth Transparent Vectoring technology.

Dirk Morris

Dirk Morris is founder & chief product officer at Untangle.  He founded the company in 2003, prior to which he was Chief Architect at Akheron Technologies, where he invented patent-pending High Bandwidth Transparent Vectoring technology.