IT Security Procedures You Should Not Forget After Electronic Gadget Shopping
The holiday season for many is also the shopping season. And the most common item to shop for personal or for a loved one is electronic devices. Be it a new TV, smartphone, tablet, a desktop, a laptop or an Internet-enabled refrigerator, gadgetry during the holiday season is a norm in our high customer consumption age. IoT devices are also entering our daily lives, from the smart thermostat to smart doorbells and for smart lights.
A typical modern home now has more Internet-connected devices than not, soon enough even our washing machines, airconditioner/electric fans and our comfort rooms will have this chip-based gadgetry installed beyond our imagination. This will increase the convenience and comfort of users, however, this is not at all good news, as more Internet-connected devices mean more chances that cybercriminals will be able to find more target.
As end-users of smart devices, what can we do to minimize the attack surface of our gadgets? Here are some tips:
Turn off modem/router’s Universal Plug and Play feature (UPnP)
Universal Plug and Play has never received any positive comments from IT security experts globally. It is a system of autoconfiguration for network devices and the router, which enable the former to automatically open ports it requires to connect to as part of an online service. The most common use case for UPnP is the game consoles like the XBox and Playstation which when connected to a UPnP-enabled router, auto configures itself and open all the necessary ports it requires without the user/admin manually configuring port forwarding. Although very convenient, Universal Plug and Play is a favorite target of cybercriminals as its implementation varies from device to device, and many devices have UPnP configuration are actually misconfigured by default. Trojan horses and worms take advantage of these known loopholes to penetrate an otherwise secure network. Security researchers recommend manual configuration of port forwarding for devices inside the home network that requires it while turning off UPnP support in the router’s admin page. This procedure is one of the best things a user can do to protect the network from UPnP-based outside intervention.
Apply firmware updates for the router/modem.
Just like any computer, router/modem is also a computer by its own right. It has a processor and an operating system that runs all the services expected from it. It is unfortunate that many still consider these networking devices as dumb machines, instead of actual computers which they really are. Just like a regular desktop and laptop computers that receive regular fixes, patches and updates from its vendor, routers/modems should also be patched/updated regularly. The firmware updates are issued by the router/modem vendor during the entire lifetime of the device. These firmware updates may also come with an added bonus, like support for new encryption standard much newer than the one it came with.
Keep the router/modem admin interface secure, by changing the default admin password.
The default password of a home router/modem is usually ‘admin’, ‘password’ or just blank space. This may vary from vendor to vendor, however, upon installation of the router, it is prudent to change the default admin password. Keeping the default password is bad, as default passwords for routers are well documented on the Internet.
Turn-on automatic updates for all Internet-connected devices.
This should be the rule, not an exemption. Updating the software is the responsibility of the computer administrator in an enterprise installation and end-users in a home setup.
If guest network needs to be used for quite a while, be sure to disable it afterwards.
Guest networks are used to isolate the main wifi network from the guest users that only requires internet access, not the usual network services and shared folders. Be sure to disable the guest network as soon as the guest left the premises.