Cybersecurity Risks Everyone Faces at Home – And How to Overcome Them

Updated: 13 May 2021
Updated: 13 May 2021

Miklos Zoltan

Fact-checked by

In this guide you will learn about:

  • Cybersecurity risks and threats you can face at home
  • Ways to recognize home network cyber-threats
  • Ways to neutralize or reduce home network cyber-threats

During the pandemic and its lockdowns, there’s been a lot of digital ink spent on several topics. Avoiding or reducing the risk of cybercrime and privacy loss is at the top of the list. When you think of work-related cyber risks, it doesn’t take long to notice a companion problem: the security risks to home devices and networks as well as personal privacy. We’re talking about activities we all engage in at home during non-work hours.

You might be asking yourself, why bother worrying about home network danger of anything? Don’t cybercrooks ambush large companies for the contents of their deep pockets? Yes, sometimes. But more and more often, ransomware, phishing, and malware attacks of home networks are in the headlines. And equally important, financial assets and personal safety can be at risk. For a real scare, think about online child predators and identity thieves.

So, what are these risks, which lurk around us, often without our realizing their potential harm? The list of risky situations is surprisingly long. It’s a good thing that the list of tactics we can use to reduce the risks is also long.

Quick Summary:
This guide to home network vigilance is designed for anyone who operates a wireless network at home, school, or on the move. First, we’ll work through that list of potential threats. Then, we’ll describe the ways you might recognize the presence of network cyberthreats. And finally, we offer a long list of ways to neutralize or reduce those threats.

Cybersecurity Risks at Home

Cyber Risks at Home

Taking home network security seriously is easy. First, read this guide. Next, walk through your home and think about how you spend non-work hours. List all the ways that you and your family use computer devices. Then review the security measures that you use to protect your devices and privacy. If you’re like most people, your best practices aren’t that great. Getting serious will be easier.

The Many Faces of At-Home Cyber Risk

Here’s a list of how users engage with computer devices or commit behaviors that create cybersecurity risk. Users are seldom aware of their potential risk, so protective methods are seldom set up. So, let’s look at risks that occur:

  • When you shop. Data breaches occur, customer data is sold to dubious third parties, and voila! Hackers steal 40 million customer credit and debit card numbers and sell this personal information on the black market.
  • When you use telecom apps. The dangers here include malware attacks or mobile or smartphone vulnerabilities. Cybercriminals exploit vulnerabilities in your mobile phone or smartphone hardware as well as the design of smartphone apps.
  • When you mistake identities online. Phishing attacks (a type of social engineering) are scary because they take so little time and lack of attention to happen. Cybercriminals trick people into revealing sensitive information by sending email messages, supposedly from a bank, an “important” business, or government organization. If the recipient doesn’t slow down to look for identifiable signs of phishing (there are quite a few), watch out! A click of a link takes them down a digital rabbit hole, where cybercrooks can get access to credit card information and other sensitive financial and personal data.
  • When you expose personal data. It’s amazing how many ways there are to expose personal data and suffer identity theft that often follows. Engaging in business transactions such as e-commerce is a big factor. But leaving resumes, home addresses, bank cards, social media photos, and video information in the open can also lead to identity theft, phishing emails, and data breaches.
  • When you have fun online. When it comes to online security, nowhere is safe, even online gaming sites. To the contrary, online gaming site traffic has spiked since the start of the pandemic. Common game site scams direct gamers to third-party websites, gather gamers’ IP addresses, and target child gamers.
  • When you bank online. Unless your home networks include a growing list of protective hardware and software, your risk of hacker intrusion, ransomware, and identity theft goes up. This is true for wi-fi and mobile devices.
  • When you seek healthcare. Healthcare data hacks and ransomware occur when bad actors get into healthcare databases containing sensitive information. When these databases are breached, identity theft, ransomware, and health insurance fraud often occur.
  • When your children are online. Two of parents’ worst nightmares—cyberbullying and sexual predation—are familiar to officials who monitor online crime. Although not all states consider cyberbullying a crime, many states are seeking to do so.

    Online predators trade illegal, lewd photos of children via email, peer-to-peer programs, or the dark web. Sexual predators try to lure children into offline meetings, which can lead to serious crimes.

Diagnosing Cyber Risk at Home

The risk represented by this list makes ongoing monitoring more essential than ever. Yes, that means monitoring is one more task to add to your home network maintenance chores. (Do you have a security to-do list? If you’re like most folks, you don’t, and your probably never thought that you would have one.)

By now, you should recognize the potential risk and harm of running an unmonitored wi-fi network at home. The payoff for the extra effort: finding and responding to intrusions by bad actors, ideally before they can do real harm.

Detecting hackers on your network

What does it take to detect hackers in your network? A list of indicators and persistence. Here is a list of indicators that cyber intruders have discovered your network:

  • An unusual spike in activity. When hackers enter your network, they can piggyback on your bandwidth. When they do, the indicator is an unexplained increase in internet traffic or a noticeable, consistent slowing of your internet connection.
  • Your firewalls are uninstalled without human effort. Certain types of malware can disable or uninstall your firewall. If your firewall lists as disabled, start investigating a possible intruder right away.
  • Your computer starts operating on its own. Does your cursor move across the screen on its own? If so, an intruder might have gained remote access to your computer. That means someone else can install or uninstall software or remove security measures.
  • Your web browser’s default home page changes. Sudden changes to your default browser or unexpected redirects to an unfamiliar page usually means security trouble. This is especially true with browser redirects. Attackers might send you to a fake website and gather financial or personal information.
  • Somebody asks you to give access to a program. If an unknown program makes that request, think “security alert.”

There are active steps you can take to check if someone is hijacking your network.

  • Identify which devices connect to your network. You can do this directly from your computer. Type your router IP address into the browser URL bar. Look for the router’s IP address; it’s usually printed on the router. If the addresses don’t match, look for security trouble.
  • Check which devices associate with your network. Somewhere in your Settings listings, you’ll find a section called Device List or Attached Devices. Remember, some devices will only appear as their IP addresses, so you’ll have to repeat the IP matching procedure described above for each device. If an IP address doesn’t match up with your list of known addresses, an intruder is using it.

Depending on the number of devices in your home network, this task might take some time. However, it’s a worthwhile endeavor if you’re responding to unusual network behavior.

Hardware and software solutions

Screamer headlines about cybercrime, privacy loss, and mammoth data breaches can discourage anyone. Fortunately, there are plenty of software and hardware products (some are free) that you can use to keep the crooks at bay.

Here are six types of security products that are suited for wi-fi network use. Instead of recommending specific brands of products, we’re listing the capabilities that give you the most protection for your purchase dollar.

Device tracking software: Android and iPhone devices come with built-in capabilities that track lost or stolen phones. Look for software apps that add to those capabilities by making it easier to track and recover a lost device and its data. Consider apps that:

  • Generates a report when a device goes missing. The report should include GPS tracking coordinates and active nearby wi-fi locations.
  • Provides hardware information about the device (IP, MAC address, and serial number) to confirm that it’s yours.
  • Enables you to configure control zones. These are specific areas on a map that the device shouldn’t leave. If you preset the zones, the device will notify you if it’s taken out of bounds.

Password managers: Too many people use their cat’s name to log into their Amazon, email, and social media accounts. If your family members haven’t met password management software, introduce them today.

Most password managers help you create strong and unique passwords for online accounts and enter usernames, passwords, credit card numbers, and addresses into websites and supported apps. However, you might want to consider a more advanced design, which includes:

  • Organizing URL addresses, notes, bank accounts, driver’s license information, and credit card numbers into several vaults and tagging them as needed.
  • Knowing when a site you use has been compromised (and you must change the password immediately).

Antivirus tools: You’ll find antivirus tools for smartphones, computers, and tablets. Some of these apps provide low-cost options that can strengthen devices and data security. Of course, you want your app to do regular scans by detecting threats and vulnerabilities and check apps for malicious content before they’re installed. However, these advanced capabilities might provide what you need:

  • Block malicious links on the web.
  • Verify the security of wi-fi networks.
  • Alert you if an online account has been hacked.
  • Provide a virtual private network (VPN), which encrypts internet traffic over any network.

Virtual private networks: VPNs create an encrypted link between a device and VPN server at the signal’s destination. This approach provides an extra layer of protection by encrypting Web traffic. The goal: preventing unauthorized observers from viewing your online activity.

  • Offer fast speeds over short and long distances.
  • Secure connections with AES-256 encryption.
  • Can be used on several devices at the same time, with unlimited bandwidth.

Encrypted text messaging: A small but fast-growing group of messaging apps are built with some level of encryption. As more people become more security-conscious, these apps are becoming more popular. Some brands offer free end-to-end encryption for messages, voice calls, and video chats by default. Other brands require you to enable E2EE manually.

Network scanners: Yes, operating home wireless networks is becoming downright fussy, and we have the Internet of Things (IoT) to thank for it. Network scanners are a new product category, in which technology solves a problem created by—you guessed it—technology.

Each scanner helps you learn which IoT devices connect to your wi-fi network and troubleshoot problems with the network and devices. However, you can also look for scanners that:

  • Run internet speed tests.
  • Provide detailed device information such as IP address, MAC address, and the device name, model, and vendor for each device.

 

Taking an Active Role in Reducing At-Home Risk

Though relatively easy to access and use, wi-fi networks are not always secure. Learning how to secure your wireless home network against cybercriminals is a smart move.

Reducing Cyber Risk at Home

No need to wait passively until disaster strikes. Here are 17 ways that you can avoid or reduce risks of at-home cybercrime and privacy loss.

  • Separate work and personal devices. You’ve probably hearing this tip more and more often. Yes, it’s more easily said than done, but it’s important to carve out boundaries between work and your home life. If you can do the same for your mobile devices, that’s even better.
  • Change the name of your default home network. Changing your network’s default name makes it harder for malicious attackers to know what type of router you have. If a cybercriminal knows the manufacturer’s name of your router, they will know what vulnerabilities that model has. Also, disclosing too much personal information in a wireless network name might expose you to identity theft.
  • Set strong and unique passwords and PINs. Every wireless router comes pre-set with a default username and password, which are needed to install and connect your router. As soon as you get the router home, change both names immediately. A good wireless password should be at least 20 characters long and include numbers, letters, and various symbols.
  • Protect Internet of Things devices. Check which devices connect to your home network. Make sure that these IoT devices are protected with antivirus or anti-malware software.
  • Enable two-factor authentication, and use an authenticator app. The two-factor authentication method grants access to network locations, assets, and privileges but only after people logging on present the right answers to access challenges.
    These days, TFA typically involves password authentication and a one-time code or push notification. While convenient, text messages are losing favor as the second factor in this process. In fact, federal security officials explicitly disapprove of text message use. Why? Because attackers have learned some slick workarounds, which avoid vendor security protection methods. For now, the best practice is to use an authenticator application.
  • Encrypt your devices. Encryption is the process of encoding information so only authorized parties can access it. Without a, PIN, or biometrics, encryption prevents strangers from accessing the data contents of your device.
  • Invest in a password manager. These useful tools help you create, remember, and share strong passwords with family members. They also make it easy to use a unique password for each website you visit.
  • Use only supported operating systems. New vulnerabilities often affect old versions of operating systems that are no longer supported by their developers. Always use a supported operated system, and if your device allows it, the latest version.
  • Keep your operating system up to date. There can be long delays between the time a vulnerability is found and fixed. Minimize this risk by ensuring that all devices apply security patches as soon as possible, ideally by automatic updates. Most modern devices will automatically apply updates by default.
  • Keep other software up to date. It’s important to keep any installed applications up to date. Most modern software will check for and apply security patches automatically. Whenever possible, consider using a secure SaaS application rather than installable software. The SaaS app never goes out of date, and security management is in the hands of the provider, not you.
  • Use antivirus software. It can help protect your computer from viruses, software, spyware, ransomware, rootkits, trojans, and other types of malware. Antivirus software eliminates viruses and prevents any potential virus from infecting your computer in the future.
  • Enable automatic locking. Lock any device that you walk away from. Most modern devices lock automatically by default. So, it’s easy to configure intervals that are convenient for you but not so long to make your device content vulnerable. Thirty seconds for mobile devices and five minutes for laptops are often suggested values.
  • Enable Find My Device and Remote Wipe. When a device is lost or stolen, wiping it makes it much it harder for bad actors to access your data, no matter how much time or determination they have.
  • Wipe all devices before you share, sell, or dispose of them. When lending, giving, selling, or just throwing out an old device, make sure to return it to its factory settings. This habit virtuous habit prevents your data from being accessed after you no longer have control over your device. Before doing this, however, remember to back up or transfer any important information on the device.
  • Turn off the wireless home network when you’re not at home. Shut down your wireless home network when you don’t plan to use it for a long time. Consider doing the same thing with all your devices when you won’t be at home or when you use Ethernet cables.
  • Use a virtual private network. A virtual private network (VPN) enables you to send and receive data across shared or public networks as if you are directly connected to the private network. VPNs can reduce the risk of certain cyberattacks, such as man in the middle attacks They can also prevent websites from learning your real location or your internet provider by monitoring your activity.
  • Install a hardware firewall to secure your wi-fi network. A hardware firewall does pretty much the same thing as a software one. Its biggest advantage: it adds an extra layer of security to your network. Most of the best wireless routers include a built-in firewall, which should protect your network from potential cyber-attacks.

So, there you are, a truckload of when-to and how-to security maintenance information for your home network. It’s unlikely that you want to implement every suggestion that we’ve presented here. But we do hope that the number and variety of security tips and indicators encourage you to look at your home network with new eyes.

Summary and Conclusion

A good subtitle to this guide could be, “Vigilance pays.” Paying attention to the details of home wi-fi security is a serious responsibility. But the effort does pay off in terms of lower risk of losing money and peace of mind.

What you can do today: So, what can a family of online shoppers, bankers, gamers, healthcare seekers, and learners do to keep strangers out of their data and their lives?

There are many ways to fix the security risk problem, of course. Here’s one that might work for you. The trick is to start with one or two scenarios, fix them, and then add others, fixing the problems that they present as you go. The idea is to avoid getting distracted by a long, long list of to-do items.

In the spirit of this slow-as-you-go approach, consider these steps:

  • Identify your high-risk use case. Choose the scenario that most affects you and your family’s risk of getting hacked. If your family includes devoted gamers, who spend lots of time online, consider its risks and compare them to risks of other network uses.
  • Identify the hardware/software/best practices suited to lowering the risk. If you choose gaming as your #1security concern, consider the ways that hackers might go on the attack in a gaming environment. Then, consider the hardware, software, and best practices most likely to reduce the risk.
  • Do research. Go shopping. Careful research finds about a half-dozen antivirus apps that include the trifecta of excellent anti-malware protection for gamers and families, software that doesn’t slow down a PC during high-performance gaming, and a price that offers a good value to all types of gamers.
  • Install hardware and software. This procedure assumes that all readers will have the knowledge and experience to do this process on their own. If you prefer to delegate the process to a third party, there are qualified managed services providers in your area, just a phone call or click away.

We hope that this startup guide to home wi-fi network security will help you get beyond a problem that few people talk about. If you want to secure a remote home office, you’ll find information in a companion guide here.

Written by: Patricia Ruffio

Connect with the author:

Ms. Ruffio’s career spans more than 45 years’ experience writing about technology and science for business, technical, and government audiences in the United States and overseas. Her work includes:

  • Technical writing and editing for companies in the petroleum, biotech, and information technology sectors.
  • B2B technical content and copy writing for companies in the information technology, healthcare, and education sectors.

Her qualifications include:

  • Bachelor of Science in Biology (Portland State University)
  • Master of Marine Studies (University of Washington)

Ms. Ruffio has worked with companies of all sizes and stages of business maturity. However, she has worked with enterprise companies such as Microsoft Corporation, Intel, Hewlett-Packard, Compaq, Cognizant Technologies, Amoco Oil Company, Shell Pipeline, and Tata Consulting Services.

Her notable projects include:

  • For National Oceanic and Atmospheric Administration (NOAA): Wrote field reports for the Outer Continental Shelf Environmental
  • Assessment Program, a first-of-its-kind regional baseline survey of Alaskan waters.
  • For syndicate led by Hudson Engineering: helped edit Sakhalin Island Environmental Impact Statement (part of drilling proposal); submitted to the Republic of Russia.
  • For syndicate led by Amoco Production Company, edited Eighth Licensing Round North Sea drilling proposal; submitted to the Republic of The Netherlands.
  • For Amoco Production Company: Senior editor on two-year rewrite of APC purchasing specs.

Leave a Reply

Your email address will not be published. Required fields are marked *