Cyberproofing your homes

A survey showed that 58 percent of users in the Philippines experienced local threats or  malicious software infections that penetrate computer systems using means other than the Internet, e-mail, or network ports.

A survey showed that 58 percent of users in the Philippines experienced local threats or malicious software infections that penetrate computer systems using means other than the Internet, e-mail, or network ports.

You can be at risk, even right within your own home.

Recent reports showed that the rising incidence of cyberthreat incidents has not spared anyone or any place for that matter, with malicious software infections seen penetrating computer systems of government institutions, businesses, and even the homes of private individuals.

These incidents cannot be taken lightly as they can potentially result in huge financial losses for companies, government institutions, and even individuals.

Just last week, several reports surfaced about epic cyberattacks crippling a major Internet firm, repeatedly disrupting the availability of popular websites across the United States.

The hacker group claiming responsibility was said to have a “secret weapon in the increasing array of Internet-enabled household devices they can subvert and use to wreak havoc.”

“On Friday 21 October, it was widely reported by a number of outlets that cybercriminals used Internet-connected home devices, such as CCTV cameras and printers, to attack a provider of DNS services and, indirectly, affect access to popular websites such as Twitter, Spotify, AirBnB and Reddit. It has been suggested that the attack was carried out, at least in part, using a botnet of Internet of Things (IoT) devices,” said David Emm, principal security researcher at Kaspersky Lab.

“The method of infection appears to have been very simple and relies on human complacency—manufacturers shipping devices with default configurations, and those using the devices without altering that default configuration. The attackers use default credentials to gain access to online devices—including routers, IP cameras, DVRs and more.  Once the malicious code has been written to the device, it then becomes part of their botnet,” Emm added.

Emm noted that this wasn’t the first time that connected devices were used as a vehicle for attack.

“In recent years, baby monitors and webcams have hit the news on account of vulnerabilities which allow criminals to access the devices and redirect them for malicious purposes. IoT devices are an attractive target because many use default credentials that attackers can exploit, there are no firmware updates for many devices and they often have 24/7 connectivity,” Emm explained.

Local threats

Such incidents are currently happening in the Philippines as well. The country, in fact, was one of the top three countries in the Asia Pacific region identified to have the highest number of local cyberthreat incidents, according to global cybersecurity firm Kaspersky Lab.

Latest statistics showed that for the third quarter this year, 58 percent of users in the Philippines had experienced local threats, which referred to malicious software infections that penetrate computer systems using means other than the Internet, e-mail, or network ports.

Kaspersky also identified the Philippines as a prime target for both Internet-based computer, and mobile malicious software threats, placing the country well within the “high risk group” in terms of the number of users attacked during the second quarter this year.

Further, nearly half of Filipino Internet users were found by Kaspersky to be at risk of falling prey to cybercriminals due to lapses and other harmful online habits that could make them highly vulnerable to attacks.

This was based on the results of a survey conducted earlier by  Kaspersky Lab, which polled some 18,000 Internet users from 16 countries, including 1,394 from the Philippines.

Practical tips

There are ways, of course to help counter such cyber attacks. Emm explained that the best advice for anyone using connected or so-called IoT devices at home, is to ensure that the default passwords on all devices are changed—using more unique and complex passwords—to prevent them from being remotely accessed.

This should include home routers, which are the gateway to your home network.

“The temptation may be for people to want to disconnect all devices in light of such news, but in today’s increasingly connected world, that’s not realistic. Although, it’s always good to review the functionality of a smart device and disable any functions that you don’t actually need. However, good password ‘housekeeping’ goes a long way to keeping cybercriminals away from your devices. This kind of large scale attack also highlights the need for manufacturers to consider security by design for such devices, rather as an afterthought,” Emm said.

Here are some of other old, easy and practical tips offered by Kaspersky to help you cyberproof your homes:

Read more...