27 April 2018

Securing home networks is important when employees work from home

Trend Micro has listed a number of security considerations for businesses that enable their workforce to complete mission-critical tasks outside their main office. According to the security company, some of the biggest threats are related to employees' home networks, as well as networks at public places like coffee shops, airports and hotels.

Unsecured home routers, as Trend Micro pointed out in the Most Noteworthy Home Network Security Threats of 2017 report, are conduits for communications on all sorts of devices used for work and could potentially impact the entire enterprise network once the staff member brings the endpoint back to the office for work.

The issues include:

· Incorrectly configured networks, which can provide an open door for malicious actors.

· Default or weak passwords in use, as these are low-hanging fruit for hackers.

· Not keeping up with firmware updates, creating vulnerabilities.

Routers and other devices are also being leveraged for mining Bitcoin and other cryptocurrencies, which Trend Micro calls "the most detected network event seen in 2017". Besides routers, devices found mining cryptocurrency included home computers (14,586), tablets (358), smartphones (981), game consoles (314), IP cameras (573) and printers (219).

"Cryptocurrency-mining malware, for instance, are capable of infecting devices to illicitly mine for cryptocurrency," Trend Micro researchers noted in the report. "Such malware can spread the same way other malware types spread, e.g., through spam emails and malicious URLs, and take advantage of the computing power of multiple devices to increase yield from mining."

Another threat comes through Remote Desktop Protocol (RDP) capabilities in devices, which hackers are using to carry out brute-force logins against devices operating outside the office. RDP allows someone to take control of a device remotely. While it is meant to be used for maintenance and troubleshooting, hackers can also use RDP to execute malware that could eventually spread to enterprise networks, steal user details, and find out who has control of which devices. Users with more privileges may then be targeted for a wider network attack.

Source: Trend Micro. Network diagram above a tablet.
"The risk lies in the network, when a hacker is able to gain access to the RDP without the user admin knowing," Trend Micro researchers explained. "The home network is where all the connected devices and stored data lie."

In one real-world instance, an employee took his work laptop home, where his daughter used the device to check her email. One infected message that she opened contained Sircam, which infected the laptop and then the corporate network after the laptop was brought back to the office.

Luckily for the employee and the small business he worked for, the infection was spotted on the company network and systems were disconnected before it could spread further or damage machines. The instance did result in downtime for the company, during which the network had to be cleansed and employees were unable to access mission-critical assets.


Read the blog post from Trend Micro, and check out Trend Micro's report