Your home is your castle – is it time to raise your cyber drawbridge?

by | Dec 11, 2017 | User Awareness | 1 comment

Your home is your castle – is it time to raise your cyber drawbridge?

Even with rates of cyber crime increasing rapidly, it’s apparent that many of us do not take cyber safety at home anywhere near as seriously as physical crime prevention. We all have our little rituals that make us feel secure. Upon leaving our homes, most of us double check that the windows are closed and the door is locked. Coming back from a hard day’s work, we might give the security lights a wave to make sure they are working. When it’s time for bed I always do a quick sweep of the house before turning in for a good night’s rest.

And who would blame us? Of all the places in the world, our homes are where we should feel most comfortable and assured. In Britain this might mean growing some particularly thorny bushes beneath our windows. In South Africa, it may mean electric fences and private security guards. Many people are streetwise when it comes to personal security, but is something being forgotten? It is reasonable to wonder why cyber safety at home is not being taken seriously.

Cyber safety and physical safety at home
It is estimated that South Africans spend around R45 Billion per annum on private security measures.

Perhaps people feel the chances of it happening to them are unlikely?

Unfortunately, there is more than enough hard evidence to prove that cyber safety at home is a pressing issue. For example, Britain’s National Crime Survey calculated that 2 million cyber crime offences were made against individuals between October 2015 and September 2016; compared with just 686,000 domestic burglary offences. Similar numbers are estimated for comparable countries.

It is also possible that figures are even higher. A great deal of cyber crime goes unreported, usually because people are unsure of which authorities they can report it to. In other cases people have become victims without being fully aware of it; small amounts of money may have been siphoned from their bank accounts over time, unbeknownst to them. Obviously those who have been extorted or blackmailed are unlikely to report incidents.

Unreported cyber crimes
The FBI has warned of an increase in “sextortion” attacks, wherein blackmailers target victims with the threat of exposing private images.

Even so, what damage can a hacker really do?

“What does a hacker want with me, anyway?” you might ask. “I don’t have any state secrets, or Coca-Cola’s secret recipe.” What could they hope to gain from getting access to your home network? In truth, they can get up to quite a bit of mischief. The wireless network router, that diligent device with the flashing lights and antennae, is the modern household’s gateway to the Internet, linking the following devices with the online world:
  • Your family desktop PC
  • The work laptop you bring home
  • Your son’s games console
  • Your daughter’s phone
  • Your spouse’s tablet
All of these will usually access the Internet through a router that has been purchased off the shelf at a retail store, or given to you by your Internet service provider. These generic products generally mean security settings aren’t optimised – hackers won’t have to work too hard to access the router’s web admin panel. From there a hacker can do almost anything, from tinkering with things which are simple and easy to fix, such as blocking access to certain websites and cutting you off from the Internet… to much more complex and damaging activities, such as ‘spoofing’ the webpages you access – this is when a hacker will change your router’s Domain Name Server (DNS) to their own. From that point on when you go to your online banking page, for example, you will be putting your credentials into a fake version of that page. Now the hacker has easy access.

Well, maybe the consequences aren’t as serious as those of a home break-in?

 

Such sentiments are of little immediate comfort for someone who has had their identity stolen, or has to wait for days to access their bank funds whilst the fraud team investigates a theft. Unlike many physical crimes the process is ongoing – personal details stolen in cyberattacks are repeatedly sold on to different underworld groups who exploit them in numerous ways.

Experts are generally coming to an agreement on the idea that the psychological state of a victim following cyber crime is similar to that of a victim of assault; feelings of depression and guilt may arise.

 

Police are getting better at catching hackers, aren’t they? Maybe this will all just blow over?

 

This isn’t an issue that is going to go away. As security countermeasures improve, so does the sophistication of the cyber criminal. What’s more, with the proliferation of ‘The Internet of Things’, more and more household items are becoming ‘smart’ devices. In other words, they are going online, and the list we looked at previously… it’s about to get bigger:

  • Your fridge
  • Your car
  • Grandad’s pacemaker
It may be that in a decade or so the line between the physical and electronic worlds is more blurred than ever. In 2015, Mattel’s Wi-Fi enabled ‘Hello Barbie’ doll gave us a disconcerting look into the connected future. It was revealed that not only did it transmit data to a processing centre, but that it could also be hacked and used to listen in on conversations!
Connected devices cyber safetyBy 2020 the world will have over 50 billion connected devices.

So what can I do to increase cyber safety at home?

You don’t have to be a locksmith to secure a door. You don’t have to be a computer expert to make your home network a little bit more safe. There are simple things you can do to be more cyber safe at home:
  • Avoid using routers supplied by ISPs. They often have credentials you can’t change (technicians remotely access them) and security software updates are rarely made for them.
  • On that note: update your router’s firmware as soon as new patches become available. Patches work exactly like they sound: they cover holes and gaps in the software that hackers usually try to exploit.
  • Create a complex Wi-Fi password and use strong security protocol. Modern routers should use something called WPA2 (Wi-Fi Protected Access II). Older routers use WPA and WEP and are obsolete in security terms. When you get a router it will have a password assigned right out of the box; be sure to change this, and use a long mixture of numbers and letters. If you need further guidance on making your password secure. Keep a look out for our next blog on password security. You can sign up for our blog alerts via the home page of the GoldPhish website.
  • Take your router and, if possible, place it in the middle of your house. Not only will it give better distribution of connectivity, it will make it hard for someone who does not have access to your house to latch on to your Wi-Fi network as they only have a limited range.
 GoldPhish Wi-Fi names cyber safety
Also consider changing your Wi-Fi name, as it will mask the brand of router you have. Don’t use something like ‘Smith Family Wifi’…be creative, something like ‘I believe Wi can Fi’ gives no information away.
These are just a few tips; keep an eye out for our upcoming blogs with simple, actionable advice for protection against the online threat. Your home is where you keep your valuables, where you make treasured memories with your family and friends. There is no feeling quite like returning to the sanctuary of our very own space; basking in the safety and security it affords. So don’t stick your head in the sand. Have a think about cyber safety at home, do a little research, and make a few changes… soon enough, you’ll be safe as houses!

1 Comment

Pin It on Pinterest