Chris Swagler | March 2nd, 2023

The United States National Security Agency (NSA) provided recommendations to assist remote workers in securing their home networks and defending their devices from cyberattacks. The Defense Department’s intelligence agency released a list of recommendations, including highlights urging teleworkers to update their devices and software. Remote workers are recommended to regularly back up their data to avoid data loss and disconnect equipment not being used or that doesn’t require an active internet connection. If one of the devices becomes infected with non-persistent malware, they should periodically reboot their computers or schedule a restart to remove the malware and reduce the risk.

Remote workers should schedule weekly reboots of their routing devices, smartphones, and desktops. Regular reboots can aid in removing implants and ensuring security. Other best practices remote workers need to utilize should include using non-privileged user accounts on their computers, enabling automatic updates, covering webcams, and disabling microphones while not in use to prevent eavesdropping attempts through compromised devices or malware.

Additionally, the NSA suggests utilizing personal routers that are regularly updated over standard ISP-provided modems or routers, which may not receive regular security updates. Routers serve as an entry point into remote workers’ home networks. It’s more likely to be penetrated without proper security and patching and can lead to other networks’ devices being compromised. Routing devices on remote workers’ home networks need to be updated with the latest patches, preferably through automatic updates, to reduce vulnerabilities and improve security. Routers need to be replaced before their end-of-life date to guarantee that they continue receiving security patches that address newly discovered vulnerabilities that threat operators can exploit in network breach attempts. The guide contains recommendations on how to secure routing devices, implement wireless network segmentations, and ensure confidentiality while teleworking. Internet users may be concerned about spearphishing, malicious ads, email attachments, and untrusted applications. NSA shows not only remote workers to secure their home networks, but also offers advice on how to be safe online.

With employees remote working, their home network can be utilized as an access point for nation-state threat actors and threat operators to steal sensitive information. Users can reduce the risk by securing their devices and networks and practicing safe online behaviors. Additionally, it’s always important for companies and their employees to remain vigilant on the current threat landscape and regularly update their network security infrastructure. At SpearTip, we examine companies’ security posture to improve the weak points in their networks and engage with people, processes, and technology to measure the maturity of the technical environment. Our experts provide technical roadmaps for all vulnerabilities uncovered and ensure that companies have the awareness and support to optimize their overall cybersecurity posture. Our engineers focus on restoring companies’ operations, isolating malware to reclaim their networks, and recovering business-critical assets.

If your company is experiencing a breach, call our Security Operations Centers at 833.997.7327 to speak directly with an engineer.