How to protect your home network: Q&A
LOS ANGELES — The attack that made many popular websites unavailable to users Friday was launched from seemingly innocuous Internet-connected devices like routers, DVRs and closed circuit TV cameras from across the globe.
USA TODAY offers tips on how you can protect your home network.
Start with the router
Most folks never get around to password protecting their home router, which is used to split the Internet signal to various areas of the home and sometimes to WiFi. The first line of defense to your home network is to change the default password the router came with. Look for instructions in its information booklet or by searching online by the manufacturer's name and the router model number. Hackers and malicious programs rely on users not having done that, with lists of default passwords for pretty much every router made readily available online.
Other home devices
When possible, password protect every device in your home that's connected to the Internet, each with its own unique password. Password managers like Dashlane and Last Pass can help you keep track of the various passwords. You can also write them down in a notebook, which while not ideal is better than having no password protection at all. Consumers need to demand the same type of security they would expect on their smartphone for any Internet-connected device they bring into their home — and refuse to buy unprotected ones.
What about devices that won't take a password?
Unfortunately, a significant number of Internet-connected devices you might have in your home aren't set up for passwords at all. Computer security experts say this will only start to change when consumers refuse to purchase poorly-protected devices or devices that can't easily be updated. Many manufacturers now believe there's no consumer demand so they don't include good security.
Can hackers get into private data stored on a private appliance?
They can, though it's harder and less likely to happen. The Dyn attack was launched by an automated "botnet" composed of millions of compromised, Internet-connected devices. This sort of automated attack is the most common, and generally only subverts devices so they can be used to send messages to knock out specific servers, known as a Distributed Denial of Service attack, or DDoS attack. It's certainly possible for a single hacker to find their way into a home network if the devices linked to the Internet aren't password protected, but that's much less common.
What's the most important thing I can do to protect myself?
Botnets and almost all network-based attacks begin with a simple phishing email, where the user is sent an email containing links or attachments that open and download malicious software or malware onto their computer. That malware goes on to infect their system or network, opening a backdoor where hackers can come and go at will. So the best protection is to be wary of emails, especially those containing attachments or links, from unknown sources or even people you know whose accounts might have been hacked. When in doubt, start a new email to the person and ask if they sent you something to open.
If you get an email purporting to be from a company you do business with, especially if it asks you to "update your current information by clicking the link below," contact the company yourself to check. As security experts say, "do your own typing," i.e. don't click on a link because it's easier. Start a new email or open a new browser tab and type in the URL of the company yourself so you know you're going to the real address and not a fake designed to lure you in.
Remember that legitimate businesses never ask users to update or verify their personal information via links.
Be especially wary of emails claiming that you must respond immediately or threaten that without an immediate response your account will be disabled. More information on detecting and avoiding phishing scams is available at the Securities and Exchange Commission.