By LOI Liang Yang
IBM Security Sales Specialist – Singapore
CISSP | Certified Ethical Hacker | CompTIA Security+
In these unprecedented times of pandemic outbreak, remote working has become the new and necessary “normal”. Firms are forced to adopt technology at a much faster pace. Working from home presents its own sets of challenges, amongst which are ensuring cybersecurity measures are in place.
We spoke to Mr Loi Liang Yang, a top Certified Hacker at IBM Singapore to hear what can law firms do to create a more secure home network for their staff and further safeguard the confidentiality of client information.
What are some of the ways hackers can get into home networks?
Yang: Hackers can gain access into your home environment from all devices in your network. Your web cameras, network printers, laptops, mobile devices and home routers are all subjected to cyberattacks if they are not secured properly.
For example, if you bought a web camera, and it is installed with a default username and password, it is very easy for the hackers to gain direct access into your web camera from the internet using those default username and password.
What are all the vulnerable points in a home setup like the above?
Yang: There are a lot of vulnerabilities in a home setup. Default usernames and passwords, unpatched software on your home computers and many others that must be fixed quickly in order to prevent cyberattacks.
What are some of the ways to safeguard home networks?
Yang: Do remember to implement these simple but effective measures such as:
- Change all your computer passwords regularly
- Use strong passwords that are more than 9 characters with mix of letters, symbols and characters
- Update your software across all your devices
What are all the ways user’s credentials can be compromised and how to avoid such compromises?
Yang: Hackers can get your usernames and passwords quickly from breached websites where millions of usernames and passwords have been compromised. As such, regularly updating your passwords across your home devices will help you prevent the hackers from gaining direct access into your computers.
Clicking on malicious links is another way for hackers to phish out your credentials by installing viruses into your computers that will make all your passwords visible to their hack attempts. As such, we must validate links by hovering onto the links as well as checking the source of email or sms.
* Is Multi Factor Authentication (MFA) enough of a security measure for protecting user’s credentials?
Yang: Yes, Multi-Factor Authentication (MFA) helps slow down the hackers drastically through an additional layer of security. All of your accounts, whether they are company’s account or your personal accounts must be protected with an additional layer as hackers need to get pass more authentication security in order to gain access into your personal information.
* Can you describe and show (if possible) how an actual real life hack is carried out?
Yang: Watch these to see how hackers can potentially infiltrate into your devices and networks:
- How hackers hack into WhatsApp Messages:
- How hackers hack into mobile devices:
- How hackers perform wireless hacking:
We thank Loi Liang Yang for his article contribution.