Throughout National Cyber Security Awareness Month (NCSAM), I must admit I realized I was reading the same advice we have always pushed out – the same obvious methodologies and procedures to help keep us all nice and secure.
However, once again, there are also a few things that continue to be overlooked or maybe even discounted as posing a security risk.
For example, you have Broadband, right? Since you are not a Corporate, I am going to guess the ADSL Router is sitting somewhere where it is easy to access, and easy to see.
I am equally guessing that you have people visit your home in the guise of say, friends of your children, workman, carpet fitters, neighbours – whoever.
The thing is, notwithstanding malicious or casual, do you really want to make your Broadband connection open to all? Moreover, do you wish to have your neighbours or others sharing your connection, utilising it for their own specific purpose? After all, you as the registered owner may potentially be culpable for.
Thus, if you would care to consider the Physical Access to this critical home-based component, you will notice that in most cases, the device will be carrying a card or have the WiFi credentials on its body or case.
So, as you can imagine, anyone who is aware of such matters won’t take long to locate said information, write it down, or snap it onto their smartphones, potentially granting them unfettered access to your facilities from that day onward.
It may be, however, that some are still not that concerned about an unknown, or unauthorised device attaching to what may be a home network populated with multiple DCHP allocations.
But think again, how easy it may be for an individual to work out what tools and techniques may be applied to traverse back via the Access Point into the supposedly isolated and secure network environment. An intruder would then be able to identify and target assets, access insecure file-shares, and open ports – essentially, an unknown actor looking into your interconnected world, and possibly your sensitive information assets.
I’m going to say none of us would want that. So, here is a simple security tip to continue this year’s security awareness initiatives:
- Go to your Broadband router
- Locate the Login/WiFi settings
- Either remove the label and place somewhere secure; or write down the credentials and remove them from the device
Remember, security is not always about the big things, and those obvious security vulnerabilities we see at the top of the cyber list. Sometimes, it is just a matter of bad housekeeping practices that can serve up insecurity equating to low hanging fruit, with high potentials of unknown impact.
About the Author: John Walker is a Visiting Professor at the School of Science and Technology at Nottingham Trent University (NTU), CTO and Company, Director of CSIRT, Cyber Forensics at Cytelligence Ltd., Practicing Expert Witness, ENISA CEI Listed Expert, Editorial Member of the Cyber Security Research Institute (CRSI), Fellow of the British Computer Society (BCS), Fellow of the Royal Society of the Arts,and is a Certified Forensic Investigation Professional.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
- NETGEAR Wireless Router Configuration Guide
- Six Tips to Improve Your Router’s Security
- NETGEAR Quietly Patches Critical Authentication Bypass
- ReadyNAS Flaw Allows Root Access from Unauthenticated HTTP Request
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock