NSA Cyberattack Advice To Keep Your Remote Network Safe
The NSA’s Best Practices for Securing Your Home Network guide provides remote workers with advice on how to protect against online threats.
Remote working brings benefits for employees, but by working from outside the company’s internal network there’s also the added threat that employees are left more vulnerable to cyberattacks.
If hackers can compromise a remote employee by stealing their corporate username and password, or infecting their computer with malware, it could become a costly network security risk for the entire organization.
Data breaches, phishing campaigns, ransomware attacks and Business Email Compromise (BEC) are just some of the cybersecurity threats to organizations, if cyberattackers can successfully target remote workers.
To help prevent this, the National Security Agency (NSA) has released ‘Best Practices for Securing Your Home Network‘ a set of cybersecurity tips designed to help remote workers protect their networks and themselves from cyberattacks and hackers.
“In the age of telework, your home network can be used as an access point for nation-state actors and cybercriminals to steal sensitive information,” said Neal Ziring, NSA Cybersecurity Technical Director. “We can minimize this risk by securing our devices and networks, and through safe online behavior.”
According to the NSA, these are some of the most important things you can do you to help secure your network and devices while working remotely:
1. Use Modern Operating Systems, Applications and Browsers – Keep Them Patched and Updated
Using the most recent version of an operating system and keeping it updated with the latest security patches is one of the best ways to help keep your device safe from cyberattacks.
The most recent operating system is the one which will be the most supported, while older operating systems may eventually stop receiving updates — meaning that security patches may not be available if vulnerabilities, which could be exploited by attackers, after uncovered after the cut off point.
In most cases, the updates will come in the form of a prompt which encourages you to restart your computer,application, software or web browsers, which is something you should do as soon as you can.
Using the latest version means you’ll be using the latest security updates, which will prevent cybercriminals from exploiting known vulnerabilities in software to conduct attacks.
2. Keep Your Router Secure and Up-To-Date
Your Internet Service Provider (ISP) provides you with a router to connect to the internet. Many people don’t really think about it, leaving it hidden in a corner after it’s been installed.
Your router is an important part of your networking set-up, providing a gateway in and out of your home network. This can be exploited by cyberattackers if it isn’t secured properly.
Like any other internet connected device, you should make sure your router is kept updated with the latest security patches, which can be set up to download and install automatically.
If the router reaches end-of-life and becomes unsupported by the ISP, it should be replaced with a newer model which will receive updates.
3. Segment Your Wireless Network
Segmenting your wireless connection, so there’s separate wi-fi networks for your work and home devices can be very helpful for keeping your devices secure.
The NSA suggests that at a minimum, your wireless network should be segmented between your primary Wi-Fi, guest Wi-Fi, and IoT network.
This segmentation keeps less secure devices from directly communicating with your more secure devices.
4. Use Strong Passwords and a Password Manager
Your passwords are the key to your online life, so it’s vital to make them secure — especially the one which you use to access corporate cloud environments. All of your passwords should be unique and complex, so they’re not easy for an attacker to guess.
While remembering many different passwords is a challenge, this can be overcome by using a password manager — which should also be secured with a strong, unique password.
It’s also important not to store any passwords in plain text on your device. This will prevent your accounts being accessed if your device is lost or stolen.
5. UseMulti-Factor Authentication (MFA) For All Accounts
Using multi-factor authentication (MFA) — also known as two-factor authentication (2FA) — whenever possible can keep all of your accounts secure.
Ideally, your employer will provide an authenticator to link to your corporate accounts, but it’s also a good idea to secure your personal accounts with MFA.
Application-based or hardware-based security keys are the most secure option. If that isn’t possible, SMS-based MFA is better than no MFA.
6. Use Security Software
If you’re working remotely, you should be using a next-generation antivirus product, one that’s hopefully been provided by your employer.
However, in order to stay safe, it’s also a good idea to install antivirus software on your personal devices too and it doesn’t need to cost a lot.
Using antivirus software can alert you to potential threats, be they malicious attachments, websites or or something else.
7. Follow Email Best Practices
Email is one of the most common and most effective attack vectors for malicious hackers, who can use it trick you into giving them access to your password, clicking a malicious link or downloading malware. However, by following best practices around email cybersecurity, it’s possible to avoid falling victim to email-based attacks.
The NSA recommends that you should avoid opening attachments or links from unsolicited emails and that you shouldn’t click on links in attachments from unknown senders.
If you are uncertain if an email is legitimate or not, if possible you should identify the sender via secondary methods, such as a phone call and delete the email if you’re told it isn’t really them.
The NSA also recommends that you should never open emails that make outlandish claims or offers that are “too good to be true” — like an unexpected suggestion of a bonus or a pay raise.
8. Be Careful When Using Social Media
Social media services like Facebook, Instagram, Twitter and others are a good way to keep in contact with friends and family — but they can also be a prime hunting ground for cybercriminals and other malicious hackers for conducting attacks.
Avoid posting information, such as addresses, phone numbers, places of employment, and other personal information, that can be used to target or harass you. Some scam artists use this information, along with pet names, first car make or model, and streets you have lived on, to figure out answers to account security questions.
You should also ensure that your personal social media accounts are set to friends only, to prevent unwanted eyes from snooping on your profile.
Also, take precautions with unsolicited requests, especially from strangers — attackers could use in-app messaging services to conduct phishing attacks or deliver malware.
9. Be Cautious When Using Public Wi-Fi Spots
One of the great things about remote working is that you can do it from anywhere, so maybe instead of working from home, you decide to work from the local coffee shop for the day.
Yes, it has an internet connection — but do you know how secure it is? The NSA warns that “public hotspots are more susceptible to malicious activity” which means you should take additional precautions when using public Wi-Fi, preferably avoiding it all together.
Instead, the NSA recommends using a cellular network like your mobile wi-fi hotspot or 4G or 5G connectivity. If you must use public Wi-Fi, the NSA recommends using a trusted VPN provider to protect your connection from malicious activities and monitoring.
Always remember if you’re using your laptop in a public place, don’t leave it unattended and available for other people to look at or steal.