Cyber Security 

As a home or business user you may think that your computer or network really wouldn't be a target for anyone.

You'd better re-think that notion.

Most home users do not give security a second thought because many simply think that its automatic with their computer. That's true but only a very limited extent. Most computers like Windows 10 have built in anti virus and ransomware protection but relying on that alone is foolish as many people have found out the hard way. Many individuals as well as small businesses have had to pay ransomware attackers to get their data back.

And just to be clear those small businesses were sole proprietorships such as Doctor's offices, Car Dealerships, Carpet stores, Restaurants to name just a few. Losing your all of your business documents and other data is a nightmare for sure.  

The Way In.

Router security is more important than ever today. Again the majority of people who have a router have no protection in their router because they have allowed the protection package that came with it when they purchased it expire. That's the gateway in. 

Basic router security

Every router should have a strong password to help keep out the bad guys. Some new routers come with default passwords, but you should change these during setup. Creating a new, complex, unique password for your wireless router is easy. It should only take a couple of minutes. Specific instructions vary from one router to another, but the basic idea is this:

All wireless routers have a numerical address. If you’ve lost the instructions, you can probably find yours by searching online for your router’s model number.

In Security Settings, create a name for the router, and a password, and then select a type of encryption, like WAP2. Do not name your router something that can easily be associated with you, such as your last name.

Make sure you choose a complex password that you can remember, but one that’s not easy to guess.

Don’t forget to save the updated information when prompted. Your router is now secured against roaming cybercriminals.

Different types of encryption

Depending on your router, you might have options for different kinds of encryption. The most common router encryption types are WEP, WPA and WPA2. Commercial routers from brands like Netgear, Linksys, and ASUS often include:

Wired Equivalent Privacy (WEP): This is the oldest and most popular form of router encryption available. However, it is the least secure of all encryption protocols. It uses radio-waves that are easy to crack. For every data packet that is transmitted it uses the same encryption key. With the help of automated software, this information can easily be analyzed.

Wi-Fi Protected Access (WPA): The Wi-Fi Alliance came up with WPA to offer an encryption protocol without the shortcomings of WEP. It scrambles the encryption key thereby getting rid of the problems caused by hackers cracking the radio-waves. This is also a less secure form of encryption, partly because of legacy hardware and firmware that still used WEP as their main protocol. However, it is a significant improvement over WEP.

Wi-Fi Protected Access 2 (WPA2): This encryption type is currently the most secure and most recent form of encryption available. You should always select WPA2 if it is available. It not only scrambles the encryption key but is also does not allow the use of Temporal Key Integrity Protocol or TKIP which is known to be less secure then AES.

Advanced Encryption Standard: When possible, you’ll want to use AES on top of WPA2 or WPA. This is the same type of encryption used by the federal government to secure classified information. Routers made after 2006 should have the option to enable this on top of WPA2.

How to set up Wi-Fi router securely: The specifics.

Manufacturers know how important it is to make their products user-friendly. Most routers come with instructions that are easy to set up and configure. Apps are replacing bulky user manuals and web interfaces that walk users through the set-up process. While using apps has made setting up routers easier for customers, the router may not be completely secure. Here are a few things to consider before setting up the router.

Update your router with new firmware and keep it up to date

Updating your router’s firmware is an important security measure to help protect your router against the latest threats. Most modern routers allow you to enable notifications to prompt you when the manufacturer makes patches and updates to the router’s firmware available. Some manufacturers may even push the update automatically to your hardware, so you don’t have to do anything. However, there are some routers that have updates within the settings option. In this case, the user has to make sure that the firmware is manually updated regularly.

Change your login credentials and router password

Traditional routers come with a default password created by the manufacturer. While it may look complex and resistant to hacking, there is a good chance most models of the same router share the same password. These passwords are often easy to trace or find on the internet.

Make sure you change the password of your router during setup. Choose a complex alphanumerical password with multiple characters. If possible, change the username of your network, too. After all, it makes up half of the log-in credentials.

Always use WPA2 to secure your wireless network

Wi-Fi Protected Access 2, better known as WPA2, is a commonly used network security technology used on wireless routers.

It is one of the most secure encryption options available in the market since 2006. WPA2 scrambles the traffic going in and out of the router. That means even if someone is within range and can see traffic, all they see is the encrypted version.

Disable WPS

Wi-Fi Protected Setup (WPS) was created with the intention of making the user experience easier and quicker when connecting new devices to the network. It works on the idea that you press a button on the router and a button on the device. This makes both devices pair automatically.

The user has the option to use a personal identification number, or PIN, to setup the device to create a connection. This eliminates the use of the 16-character WPA password that most routers use.

However, because of the PIN, WPS earned a bad reputation for being insecure. The PIN is an eight-digit number that can easily be hacked by repeatedly using various combinations of the usernames and passwords. This is carried out with the help of software. This kind of an attack is called a brute force attack.

Most routers allow users to disable WPS. Even if the PIN option appears to be disabled, it is wise to disable WPS. In recent years, it was discovered that many routers from reputed manufacturers allowed PIN-based authentication even when it appeared to be disabled.

Setup a guest network for smart home devices
A guest network has its advantages. It not only provides your guests with a unique SSID and password, but it also restricts outsiders from accessing your primary network where your connected devices work.
Once you have set up a guest network, you will not have to share your primary network password with your guests. They will be unable to access your Internet of Things-enabled devices or infect your network and devices with malware or viruses that may be on their devices.

How to Prevent Ransomware Attacks and other attack's

To protect yourself and your system from ransomware, follow these recommended steps:

  • Avoid opening unverified emails or clicking links embedded in them.
  • Back up important files using the 3-2-1 rule:  Create three backup copies on two different media with one backup in a separate location.
  • Regularly update software, programs, and applications to protect them from the latest vulnerabilities.
  • Create a culture of security and equip personnel with adequate knowledge on ransomware and other threats that utilize phishing and unsecure accounts in their campaigns.
  • Enforce the principle of least privilege to prevent users from running certain programs that can be used by ransomware variants.
  • Limit access to shared or network drives and turn off file sharing. This minimizes the risk of a ransomware infection spreading to other devices.

Organizations can also mitigate the effects of public shaming dealt by the conditions of ransomware’s double extortion scheme by being responsible and taking the following steps:

  • Notify law enforcement about the attack and the extent of the data breach.
  • Follow data regulation protocols such as the General Data Protection Regulation (GDPR) and make the necessary disclosures and notifications.
  • Prevent similar attacks from succeeding by addressing the security issues exploited by the attack.

Mike has the experience to get your security up to where it would be difficult for intruders to attack your data. Potential attackers are not going to spend a great deal of time trying to get into your home or business network once they determine its well protected.

Call or e-mail today to schedule your appointment to secure your data!