ESET: With the new data of the coronavirus pandemic, a large number of employees are forced to work from home, without the usual protection of corporate networks.
This significantly increases the chances of attacking a company's digital assets and requires greater responsibility, both from employees and company management. According to ESET, by taking the following steps, employees of any company can greatly enhance their digital security against a potential attack.
1. Check home router settings and change the defaults. Cybercriminals can try to hack your router and gain access to your network, so it is important to check your router settings. Usually by typing https://192.168.1.1 in the browser, you can see the control panel, and from there change many settings that are directly related to your security. Make sure you change the default usernames and passwords. You will also need to change your home network name (SSID).
2. Scan the home network for unwanted devices. Use scan tools to find unwanted devices on your home network. Then change the password and turn off unrecognized devices on your network.
3. Firmware update, replacement of old router models. ESET researchers recently discovered the vulnerability Krøk to the billions of Wi-Fi chips used in routers, which proves how important it is to update the firmware to the latest version provided by the manufacturer. If you have an older router, ESET recommends that you replace it by looking for a model with features that can provide greater security to your home network, such as detecting and blocking malware, phishing sites, and other network threats. any device that is connected to the router in your home.
4. Use VPN network to encrypt communication. Employees who need access to the company's intranet while working remotely are safer to use a VPN network. In this way, the small data packets that make up communication can remain encrypted as they travel across the Internet, and are only visible on employees' devices and the corporate network.
5. Use of two-factor authentication (2FA). Employees using remote access technologies, such as Remote Desktop Protocol (RDP), are quite exposed to attacks. For this reason, if possible, it is a good idea to use 2-step authentication (2FA) solutions. Even if an attacker violates the passwords, with 2FA he can not proceed, as it is required to enter another one-time password, which is usually received through an authentication or SMS application.