With the advent of the VPNFilter malware, now is as good a time as any to re-evaluate our home networks and what security measures we have in place to stop nefarious actors from breaking in and wrecking shop.
"I'm just your average Joe Bloggs, no-one is going to hack me"
We all like to think we are safe from being hacked. What do hackers have to gain from hacking me? My gigabytes of cat videos? Unfortunately, quite a lot actually.
One goal for hackers may be to hack into your network and recruit you into a botnet. What is a botnet, you may ask? A botnet is a collection of infected computers that are centrally controlled and can be tasked with committing attacks on a large scale (such as Distributed Denial of Service attacks, or DDoS). Participating in these attacks is often CPU-intensive and can slow your network down to a crawl.
Another popular attack that targets standard home users, as well as commercial users, is ransomware. The purpose of ransomware is in its name: to hold you or your business to ransom (often for cryptocurrencies such as Bitcoin). Once ransomware is installed on a computer, it usually encrypts all of the user's files and locks them out of their computer until a ransom is paid.
"Now that I know I may be a target, what can I do to reduce the risk?"
There are a few simple steps you can take to significantly reduce the risk of being hacked. Here are 4 of them:
1. Change the default username/password on your devices
Whilst username:admin and password:admin, or similar, may be easy to remember, it's usually one of the first username/password combinations hackers use to gain access to your network devices. Worse still, anyone can simply Google your network device's model number and will usually find your default login settings in the user manual.
2. Change the default SSID (wireless network name) and wireless password
The same rules apply as above. The default settings could potentially be available via a Google search. They are also often written on the device itself, so anyone with physical access to your router can join your wireless network.
3. Disable remote access methods if they are not required
If you aren't sure what SSH and Telnet are, chances are you won't need them. Having these services enabled gives hackers one more foothold they can use to gain access into your network.
4. Update your device firmware regularly
Recent malware such as WannaCry uses exploits that could easily be remedied by upgrading router or operating system firmware. It is recommended to follow your vendor on social media channels, such as Twitter and Facebook, for news of the latest firmware, and to install updates as soon as possible. This applies to routers, access points and switches, even your mobile and IoT devices.
Whilst this is in no way a complete and exhaustive list of steps you can take to improve your network security (see firewalls, IPS, anti-virus software, etc.), following these steps is a drastic improvement on having nothing in place at all.
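To confirm step 3 on your own equipment, the following self-check (an added example, not part of the original post) tests from inside your network whether your router still answers on the standard SSH and Telnet ports. The router address 192.168.1.1 is an assumption; pass your own router's address as the first argument.

```python
import socket
import sys

# Services named in step 3, keyed by their standard TCP ports.
REMOTE_ACCESS_PORTS = {22: "SSH", 23: "Telnet"}


def check_port(host, port, timeout=2.0):
    """Return 'open', 'closed' or 'filtered' for one TCP port on host."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # something accepted the connection
    except ConnectionRefusedError:
        return "closed"            # device answered: nothing listening
    except OSError:
        return "filtered"          # timeout or unreachable: no answer at all


def audit_router(host, ports=None, timeout=2.0):
    """Check each remote-access service and return {service name: state}."""
    ports = REMOTE_ACCESS_PORTS if ports is None else ports
    return {name: check_port(host, port, timeout) for port, name in ports.items()}


def findings(results):
    """Turn audit results into advice lines for services that are reachable."""
    return [
        f"{name} is reachable: disable it in the router's admin page "
        "if you do not use it"
        for name, state in results.items()
        if state == "open"
    ]


if __name__ == "__main__":
    # Assumed default gateway address; override on the command line.
    router = sys.argv[1] if len(sys.argv) > 1 else "192.168.1.1"
    results = audit_router(router)
    for name, state in results.items():
        print(f"{router} {name}: {state}")
    for line in findings(results):
        print("ACTION:", line)
```

Run it again after changing the router's settings; both services should report closed or filtered once they are disabled.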
Information on the VPNFilter malware can be found here: https://blog.talosintelligence.com/2018/05/VPNFilter.html