Following Ubiquiti’s security incident and its subsequent recommendation to change your router password and enable multi-factor authentication, and the fact that it is widely reported that using default passwords on routers while working from home is a security risk, we thought it would be helpful to remind you to change your router password sooner rather than later.
Security experts have warned us for years that our wireless routers are an easy gateway for hackers to get into our systems, and that the manufacturer’s default passwords on routers are freely accessible on the Internet. Therefore, it is important to change your router’s password to a unique security password from the default password when you set up your router.
To assist, Lifewire has a tutorial that is easy to follow and can be accessed here.
Please note Lifewire’s caution of not using the same password for your router as you do for your WiFi. They should be separate and distinct from each other. Limiting access to your WiFi is also important for data security.
While it looks like the work from-home model will continue, implementing these security measures is important for the protection of our data on both personal and professional levels.
According to Cybersecurity Ventures, cybercrime is the fastest growing crime in the U.S., with damages expected to reach $6 trillion globally by 2021. Therefore, it is axiomatic that C-Suites continue to address the risk associated with cybercrime and how cybercrime will affect the business.
Ransomware continues to be one of the biggest risks to company operations. Statistics show that ransomware attacks are becoming more prolific and expensive. According to the most recent Coveware Q3 Report, ransomware incidents and ransom demands are increasing. Ransomware attacks are leaving a company paralyzed for an average of 19 days.
The inability to conduct business operations for 19 days can be devastating, especially to small and medium-sized businesses. Having an incident response plan, contingent operations plan, and disaster recovery plan is essential to minimizing the risk of failed or stalled operations. Those companies that are prepared for an attack and can implement these plans are better able to respond to a cyber-attack that leaves the company paralyzed.
It is clear that cyber-attacks and cybercrime damages are continuing to soar, particularly while companies’ workforces are working remotely. It is crucial to evaluate and put your incident response, contingent operations and disaster recovery plans in place now.
Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently issued, and it contained some conclusions that made sense, while others were surprising.
The Report, entitled Pandemic-Driven Change: The Effect of COVID-19 on Incident Response, recognized that the pandemic has changed the way business is done “with organizations shifting to home-office work styles literally overnight.” Although there was a general assumption that with the transition from work in the office to work from home security incidents would increase, the Secureworks team found that the threat level was unchanged. What changed was the increase in new vulnerabilities that threat attackers took advantage of during the pandemic. According to the Report, “Infrastructure transformed practically overnight for many organizations. A sudden switch to remote work, increased use of cloud services, and increased reliance on personal devices created a significantly expanded attack surface for many enterprises. Facing an urgent need for business continuity, most companies did not have time to put all the necessary protocols, processes, and controls in place.”
In shifting rapidly from the office to workers’ homes, IT professionals were unable to strategize and implement necessary security controls because organizations did not plan for a totally remote workforce. The Report found that companies experienced increased risk in the following areas:
- Lack of Multi-Factor Authentication
- Access to SaaS Applications
- VPN Split Tunneling
- Security Monitoring and Access Control Implications
- Delays in Security Patching
Additional increased risks outlined in the Report included allowing remote workers to use their personal devices without implementing a Bring Your Own Device (BYOD) program, and heightened risk due to staffing changes.
These risk factors are not new, they have just become more pronounced during the pandemic. Threat actors used old tactics in a new environment to attack victims. According to the Report, “[A]dversaries simply pivoted their tactics to launch COVID19-themed campaigns, exploit the security gaps in remote work environments, and target organizations involved with pandemic research.” In addition, as we have reported before, attackers are using COVID-19 “as a phishing bait” as they understand that workers are looking for more information about COVID to protect themselves and their families and thus are not as vigilant because they are distracted and scared.
The Secureworks Report confirms that there are new vulnerabilities and old tricks to address during the pandemic with a fully-remote workforce