Had your fill of run-of-the-mill cyberthugs and think you’re ready to level-up to mass, state-sponsored cyber warfare? When whole networks and infrastructures collapse in the face of digital Armageddon, just what can one lowly person do?
Large-scale mayhem requires large-scale means — and you’re a few connected devices away from providing that. To launch a large-scale cyberattack, attackers need a botnet: in other words, a loose network of connected devices. This could be your laptop, your mobile, your Smart TV ... heck, even your smart toaster — infected to act as one in carrying out attacks against companies, power grids, or ultimately the world. And the reality is that the first line of defense all of these internet-enabled devices have is your router.
Yeah, that’s right: your router. That weird clunky box you have hiding under your couch or behind your desk breathing dust, forgotten by you, your internet service provider and in all likelihood its makers — that’s your unlikely hero, right there.But it can also be your weakest link unless you take steps now to make sure it’s working for you, and not them. You’d be surprised how unsecure routers are out of the box. The good news is that hackers usually go for the low-hanging fruit. Just a few improvements to your router security can make you an unappealing target.
Change your router’s default security settings
Open your router settings page and do this:
- Change the default admin username and password for your router.
- Turn on WPA2 encryption.
- Disable any remote access services.
- Make sure you trust all the devices that you connect to your network.
Update your router’s firmware
When was the last time you updated your router? Didn’t even know your router got updates, did you? Well, remember that bit about it being the forgotten stepchild of your ISP and its manufacturer? That’s where this fits in.
Updates are important for security, but unfortunately, routers rarely get the love they need. Sometimes, manufacturers don’t bother to update the firmware. Other times, they do, but the ISPs don’t bother distributing the update. And many times, it can’t even be updated remotely: you have to pull your sleeves and do it yourself.
Going through the step-by-step is a bit much for here, but Tom’s Guide has a very detailed how-to that should help you take care of it.
Check your router for vulnerabilities
Whether you can update your router or not, it may still not be safe. There are tools that can scan your router and all the connected devices as well, such as OpenVAS and Retina CS Community. You can also check to see if your router is already infected with malware – which is a far too detailed process to go into here, but you can find more information right here.
Buy a secure router
There is such a thing as a routers built with security in mind. There shouldn’t be. But there is. If your busted up box isn’t keeping you safe, get one that does. We happen to know a good one.
Survival tip 2 — Update all of the things
Updates aren’t just for routers. If the hackers get past that first gateway into your home, you’re going to want to make sure you’ve plugged all the other holes. That means:
Whether you rock Windows, macOS, Android, iOS, Linux, or just a Pebble, you’ll want to make sure you’re running the very latest version of the operating system.
- How to look for updates on Windows 10. (Still on earlier versions? You really should have moved on by now — but here’s where to look).
- How to look for updates on macOS
- How to look for updates on Android
- How to look for updates on iOS
- How to update your Linux system
Update your apps
Yep, even individual apps get security patches as part of their regular updates. There’s no easy guide for this, as many apps have their own way of doing things: for some you’ll have to check in the app menu, usually under the “about” section. For others, you’ll need to check their websites.
If you’ve installed Windows apps via the Windows Store, or the macOS apps via the Mac App Store, then you should be able to find a quick 1-click “update all” button.
On Android and iOS, if you’ve stuck to apps from the Play Store and App Store, you should also be able to just get all of your apps updated at once.
Update or disconnect your other devices
That means any other devices you have connected to your wireless network. Even your Roomba. You may be thinking “why bother updating my vacuum cleaner?” Well, even your lowly Roomba can be co-opted into a botnet that will launch a devastating attack against, say, a hospital. Not so lowly now, eh?
That’s without mentioning all the other ways your different connected devices can be used against you. So if your devices can be updated, you should.
That said, it may not even be worth doing. For all of your so-called “smart” devices, ask yourself if you’re really making use of them, and if you’re not, you may be better off dumbing them down by disconnecting their wireless functionality or configuring your router to stop them from connecting. This may be harder with your Alexa than with your overly talkative espresso machine.
Obviously, if they can’t get updated, also disconnect them.
Survival tip 3 — Beef up your security
There are a few different things you can do to improve your odds, and you’ve probably heard some of these before. But don’t be bored, yet. We’re talking large-scale cyberattack. All the little bits help.
Get an antivirus
Consider upgrading your antivirus security
Look: our free antivirus packs a punch way above its weight class: it’s stopped state-developed malware dead in its tracks before. But if someone’s hacking your router or your internet provider’s DNS servers and redirecting your traffic — none of that is happening on your device.
Our more advanced protection includes several added layers of security that can protect you against these kinds of things, like:
- Fake Website Shield (formerly known as SecureDNS), which protects you from DNS hijacking. In human-speak: it makes sure that when you type in an address, you get to the website for that address, and aren’t redirected to some imposter website.
- Anti-Spam: a healthy dose of advanced anti-phishing for your emails. Phishing emails are more than just Nigerian Prince scams. They’re usually the start of a beautiful thing — for hackers, not you.
- Webcam Protection will make sure no one’s using your camera to have a peek at your real-world life.
- Enhanced Firewall: ah, the classic. Yes, Windows also has one built in. But honestly, any non-Windows firewall is better. Not to rag on Windows, but security software that everyone has is the security software hackers spend the most time learning how to get around.
No pressure. You can give these advanced features free for 30 days:
Protect your connection
Get a VPN. No, really.
We’ve harped on about virtual private networks and how they’re the new antivirus before, especially when it comes to the dangers you can face on public Wi-Fi. And in the case of a large-scale cyberattack, you probably shouldn’t be doubling down on your barista’s cybersecurity skills.
But the same principle applies to your home router in this case: if it’s been taken over by hostiles, you’ll want to make sure they’re getting nothing but noise. Don’t even think about doing any banking without a VPN right now.
We’ve also got a free trial of this one, and it works on up to five different devices at once, so maybe take advantage of it until the whole large-scale cyberattack thing blows over…
Get your Android phones and tablets some armor too
Did you hear the one about Android phone manufacturers lying about deploying security updates to their customers? Yeah. Kind of undermines Survival Tip 2, don’t it?
Well, that’s where a good mobile antivirus solution comes in. It’ll cover those gaps when they drop the ball, and then some. And again, it’s free, so you really have no excuse.
Survival tip 4 — Brush up on the basics
So you’re done with the router updates, computer updates, and installing some protection on your gear. You should be all set to go.
Well, not so fast. There’s a few more things you should make sure to do:
Lock down your accounts
Still using the same password from your high school days? The one with the bad pun made by swapping letters with numbers? Yeah, it’s time to change that.
For any and all online accounts, whether that’s email, social media or whatever else you think is important, you should:
- Create strong passwords that you won’t forget. It’s not as hard as it sounds. If that seems too daunting, consider getting a password manager.
- Set up 2-factor authentication on the accounts that support it. I know. It’s a mouthful, right? What this means is that you’ve got a second way to unlock your account in addition to your password. This can be an SMS code that you receive on your phone, or one that pops up in an authenticator app like Authy or Google Authenticator.
Lock down your browser
I know. Your browser is your best friend, and your extensions are your gang. But they’re also the gateway drug to all kinds of bad juju online, so you’ve got to put them on lockdown. It’s not as hard as it sounds:
- Disable Java: it’s antiquated and unsafe. Just shut it off. You’ll hardly miss it.
- Get an ad-blocker: ads aren’t just annoying — they can be downright dangerous.
- Uninstall extensions you really don’t need: stick to the ones that you can’t live without.
- Add HTTPS Everywhere: Now that I’ve told you ditch some extensions, here’s one you should get: It forces your browser to connect only to encrypted versions of the web to keep you safer.
- Add Noscript: this kills all scripts from running in your browser. This can really break your web experience, so it’s for the hardcore only (though in the case of cyberattack of this magnitude, aren’t we all?).
Survival tip 5 — Pull out the tinfoil hat
The sad truth is that, even with all of this, you might not be able to stop a state-sponsored hack from roping you into a massive attack that could cripple your local hospital, financial institution or water infrastructure.
And even if you do, your neighbors are likely to be the unwitting patsies that take it all down because they didn’t get to read this guide (not-so-subtle-hint: send them our way).
Look, there’s no such thing as perfect security. But if enough people start doing the little bits outlined here, we just might slow down massive cyberattacks enough that they aren’t worth it.
Small consolation, I know. But we’ll be here, trying to make it happen.