Taking basic precautions can help protect your devices
The massive botnet attack that disrupted internet traffic in late October, powered by malware known as Mirai, was many people’s first exposure to the fact that household items can be hijacked for nefarious purposes. Experts have been talking about the dangers inherent in the “Internet of Things” (IoT), but, by and large, those warnings have fallen on deaf ears.
Now that we’ve gotten a look at just how much trouble a network of hijacked devices can cause, how about some advice on how to prevent your own devices being diverted from their job of recording your favorite shows or keeping your leftovers cold. Consumer Reports’ Andrew Chaikivsky and Tripwire’s Craig Young offered some basic advice we all should follow:
It’s important to change the default password on as many IoT devices as possible, especially cameras. But the most important device to secure is the router that sits at the heart of your home WiFi network. This is the conduit from the devices in your home to the rest of the world.
There are a number of steps you can take to secure your router against malware, including Mirai. Here are some of the most important.
1. Go into your router’s settings and disable remote management, specifically remote management through Telnet. (This is a protocol used for letting one computer control another from a remote location, and it has been used in previous Mirai attacks.) This will combat attempts from computers outside your home to take control of devices in your network.
2. Next, disable Universal Plug-and-Play (UPnP), which many home routers have enabled by default. UPnP creates a hole in your router’s security that could allow malware to infiltrate any part of your local network. “There won’t be a lot of cases where disabling UPnP will break things,” Young says, stopping devices from connecting to the web and working properly.
3. Because Mirai scans for default settings, make sure you are not using your router’s default password.
4. If your router is more than a few years old, consider buying a new one—especially if you’ve been using it without a password, or with the default one. A new router may be faster as well as more secure.
As usual with tech security, a failure to change or use secure passwords is the #1 culprit. Most hackers operate in the same way burglars do, seeking out the easiest avenue of attack and avoiding those that look to be overly difficult or dangerous. By taking basic precautions you help prevent yourself being identified as a target and, by extension, your network being used to facilitate a hack.