THE recent worldwide “ransomeware” attacks on computers and networks has highlighted the vulnerability of home computer networks, cyber security firm Fortinet Philippines warned.
“As the number of internet-connected devices grows, poorly-secured home networks that are storing more information are attractive targets for cybercriminals,” Fortinet said.
“Faster and more affordable Internet connections are driving more home users in Philippines to deploy Internet-connected devices at home. At the same time, connectivity is enabling more employees to work remotely from home. While connected devices at home provide greater convenience and enable faster communication, ‘home networks’ can become easy targets for cyber criminals,” the security experts cautioned.
Jeff Castillo, country manager for Fortinet Philippines added, “Recent IoT-based attacks have revealed the sheer volume and ease by which billions of connected devices can be weaponized and used to disrupt the digital economies of entire countries and millions of users. These issues are compounded by the lack of basic security features and management capabilities in many IoT devices.”
According to market research firm IDC, there will be nearly nine billion connected devices across Asia Pacific by 2020. Connected devices on the home network range from smart TVs, entertainment and gaming systems, smart refrigerators, to online home security systems. Many home networks also include wireless medical devices, and tools designed to track and monitor children or elderly family members. All of these devices are connected to the Internet through a home WiFi system, or increasingly, a Home Area Network (HAN) combined with Network-Attached Storage (NAS) and cloud-based applications that are accessible from any device in any location.
To help protect home networks, Fortinet made three basic recommendations. First, the exact number and type of devices on the home network should be identified. “There are a number of security tools specifically designed for the home which can identify devices looking to connect to the Internet through WiFi network. Many of them can be easily configured to provide them with access to the guest network, while restricting and monitoring the kind of traffic they are generating,” Fortinet explained.
The security firm also suggested that before purchasing an internet-ready device, ask some questions about what it does and how much network access it needs. “Not every device that wants to connect to the network needs to. Research these devices with an eye towards security. Many connected devices include vulnerable software or back doors that make them potential targets. And far too many of these devices cannot be hardened, patched, or updated,” Fortinet said.
Second, applying a simple network segmentation strategy can protect the other devices on the home network from being affected if one is attacked.
“Buy separate wireless access points to separate things like gaming systems and IoT devices from PCs and laptops,” Fortinet suggested. “Set up a wireless guest network for visitors or new devices. Most access points allow users to restrict access, set up things like firewalls, and monitor guest behavior.”
In addition, Fortinet recommended purchasing a separate device to use only for sensitive tasks like online banking, and keeping work and personal devices separated.
Finally, Fortinet pointed out that protecting the network and its devices is a continuous task. “Keep a list of all the devices and critical applications on your network, including the manufacturer. Set up a weekly routine to check for updates for physical and virtual devices, operating systems, applications, and browsers,” Fortinet said.
Of course, antivirus and anti-malware software is must. “Keep it updated, and run it regularly,” Fortinet said.
“Remember that no software is 100 percent effective, so set up a regular schedule, say once a month, where you use a second or third security solution to scan your device or network. Many solutions provide a free online version or let you run a free demo for a period of time.”
Fortinet also reminded users to activate their computer’s firewall option, and use “good password hygiene.” Change passwords every three months, and use different passwords for different applications. To help keep track of passwords, a password manager program, which stores passwords in encrypted form, can help.
“Given the rate at which technology is changing, users can no longer afford to simply load an antivirus tool onto their laptop and think they are going to be protected. As users begin to use and interconnect more and more devices, and blend their personal, social, and work lives, security is increasingly important,” said Castillo. “It is critical that users begin to develop a strategy now for learning, segmenting, and protecting their network, resources, data, and privacy.”