Telecommuting and Remote Access in the Age of Cyber Insecurity: Unsecured Wi-Fi Hotspots and Router Malware
by Vijay Basani
This article is the second in a two-part series. Read the first part here.
In 2014, security researchers found that cyber thieves were targeting high profile executives and government officials. These were sophisticated, pre-meditated attacks on travelers using hotel Wi-Fi networks which may have been going on for years. Business travelers are prime targets because they are walking treasure chests of data and information. And, on long tiring journeys, are prone to let their guard down.
Using free Wi-Fi hotspots, such those offered by Starbucks or airports, is tempting, but is not safe. It takes little skill for a hacker who knows what they’re doing to tap into your laptop as you’re checking email while sipping a cappuccino.
Telecommuters and remote teams must also be wary of router insecurities. In May 2015, tens of thousands of home routers were infected with malware.These routers were then used to launch distributed denial of service (DDoS) attacks. Web security firm Incapsula discovered the router-based botnet, which had been launching attacks for months before being discovered.
Incapsula’s researchers traced the malicious traffic back to routers made by a specific manufacturer and distributed by ISPs around the world to their customers. The devices had DDoS malware programs installed on them — usually more than one.
Hackers are also targeting routers in what’s known as a “DNS hijack.” By inserting rogue DNS servers, your internet traffic is sent to unsafe servers versus the secure servers from your internet service provider. If your router gets hijacked, every data file on your computer is now vulnerable to theft and the potential for a virus infection is extremely likely.
Two steps you can take to decrease the chance that you, your router and personal data aren’t compromised are:
- Use a VPN while you’re on the road or working remotely from a location, such as a coffee shop. A VPN creates a secure, encrypted connection between your computer and the VPN’s server. This secure connection enables you to safely use your company’s network as if you were actually in the office. While you are connected to the VPN, all of your network traffic, including files being sent to teammates.
- Because hackers are generally one step ahead of everyone else, it’s anyone’s guess which routers are at risk or not. As in the case of the router-based botnet detected by Incapsulata, it had been attacking routers for months before it was found. To verify that your router is free from viruses and malware, go to F-Secure Router Checker and make sure the internet connection is safe. Rather than just running this check once, go back every 30-60 days to make sure the router remains virus free.
Telecommuting has many positive attributes. Not only can it increase business efficiency and contribute to organizational success, it provides workers with more opportunities and flexibility than ever before. It also supports a positive work-life balance which is conducive to higher productivity and happier personnel overall. Rather than trying to quell the telecommuting trend, integrate IT security policies that address the “road warriors” in your organization and make sure the policies are being adhered to as directed.
Vijay Basani is the co-founder, president and CEO of EiQ Networks.