Leave a comment
Along with those new year resolutions, getting started on that diet and doing that exercise, it's also time to do some housekeeping on your network and do all those tasks that either slip by during the year or were put off and start the new year Cybersafe
1: Update firmware and apply patches.
Just because it works - does not mean it is working… While drinking that eggnog you may have missed the log4j thing, a small problem that leaves computer systems wide open to very easy attacks. That's just one reason to go around and make sure everything is patched and all firmware's are updated.
It reminds us that all software has bugs, issues and vulnerabilities, and that by taking this one simple step we can prevent many problems.
2: Move IOT Devices onto their own Virtual Network (VLAN)
I was given lots of presents and amongst them were several new IOT devices little plug things, light switches and an Alexa. Aren't i lucky?
Being able to speak instructions makes you feel like your in startrek and gives us a glimpse of the world to come. but it's also important to remember how these devices work and how to use them safely.
These little devices reach out into the internet and connect to server's that talk to other server's. Because of this that leaves them vulnerable to attack and once compromised they can either become part of a botnet, listen and spy on your network or allow the attacker to pivot to other devices and computers. This is a lot more common that you might expect and with the value being in remaining undetected, people are often being unware when they have been compromised.
The truth is that these devices are so simple and easy to use that there really isn't much you can do so you have to assume that someone else might be using your little smart light switch for there own purposes. (remember it might not be very powerful but combine it with thousands of other devices and it all adds up quickly.)
What we can do though is isolate things, so if we take these devices and place them in there own virtual network or VLAN then they can no longer access our main computers and devices and we limit our exposure.
3: Change Passwords
Changing the password on your computer is a pain but it's done often for good reasons. But how often do you change your WIFI password? The router's admin password?
If you don't have a guest network then giving out your WIFI password becomes common as you let your family and friends use your internet rather than 4G and once known and shared who else could be given your password to your network without you knowing.
4: If you don't use it remove it.
It's so easy to leave stuff plugged in turned on and forgotten, but that's using power that could be saved, and giving attackers more things to go at… just unplug it.. feel good.
5: Check for obsolete hardware
As hardware gets old, manufacturers stop supporting, hey they want you to replaced it but this means no patches and no fix's, so although it works vulnerabilities will be discovered that are never fixed.
It creates a lot of e-waste which is one reason I don't recommend some devices but keeping up to date is super important.