In the age of work from home and remote computing, cyber criminals are looking for new and innovative ways to infiltrate organizations and steal their precious data. One of the most recent methods is though your mobile devices on your home network. Since we now connect to our work networks from our home networks, if they can get into one they may be able to get into the other. This is the path they are taking:
- User downloads an infected app on their mobile phone (note, this can be ANY user, not just the adults in the household. Were your kids bored this summer and looking for new games to play on their Android phones? If so, this could be a way in if those apps were infected).
- Once the malware is on the phone, it attacks your wifi router and tries to get logged in as admin. Any idea if you ever changed those default credentials for the router? Maybe it is still “admin”, “admin”? If so, the malware will get in. Even if you changed it to something more complex, the malware will try to crack the code to get in.
- Once in your wifi router as admin, the attacker will change your DNS servers in your router. DNS (domain name services) is how your computer knows where to find websites on the Internet. So when you type “google.com” the DNS server points you to the server at Google (the actual company). However if a fake DNS server gets in the way, it could point you to a site that looks like Google.com located at Fake Google (the hacker’s server).
- The Fake Google website is infected with malware and when you click a link on the site it will try to move that payload (malware) to your computer.
- Once on your computer it can get to places where your computer is connected such as your company network and compromise all of the data on that network as well.
So how do you prevent this from happening? Start by changing those router credentials from whatever was sent to you from the factory to something long and complex that only you know. Next, make sure that you are running an up to date antivirus program on your computer. While A/V won’t catch everything, it might catch some of these malware programs.
Lastly, use vigilance! Don’t click on things that look suspicions, offers which seem too good to be true, and make sure that you do not get baited by applications or websites which offer “the latest COVID info” or “Super Big Storm Updates”. Use well known websites for this information and be sure to think twice, click once.
Michael Giuffrida from Southington CT has been operating businesses since 1997. He is an experienced entrepreneur in business management, profitable growth, business valuation, mergers and acquisitions, and information technology managed services.