10 Ways to Protect Your Home Network from Hackers

Dan Tynan
Updated
Hacker illustration
Hacker illustration

(Thinkstock)

Protecting your family’s digital assets used to be easy. You just turned on your PC’s built-in firewall settings and turned on an antivirus program. As long as you didn’t install strange software or do anything stupid, you were usually OK.

Times have changed. Now you can get infected just by visiting a compromised website. Organized gangs of cybercriminals are trying to break into your bank account, steal your identity, or take control of your home network to send spam and launch attacks against other machines.

Read: 5 Ways to Make Your WiFi Network Safer, Faster, and More Reliable

And instead of just one machine to protect, you might have a dozen — including mobile phones, game consoles, streaming video boxes, and smart appliances — all vulnerable to attack. Just like a big, juicy corporate network. In fact, as big companies make their networks harder to break into, cybercrooks are moving to home networks, says Michael Kaiser, executive director of the National Cyber Security Alliance.

“Every family needs its own chief security officer, someone who spends time thinking about all the digital components in their lives and what they’re doing to secure them,” says Kaiser, whose organization operates the Stay Safe Online Web portal and sponsors National Cyber Security Awareness Month each October.

Odds are that someone is you. There are several things you can do to persuade the bad guys to move on to easier targets. It starts with the gateway to most of the digital devices in your home: your wireless router.

1. Fortify your WiFi.
Hopefully, by now you’ve changed the default log-in name and passwords for your WiFi router and turned on WPA or WPA2 encryption. (If not, do it now — I’ll wait.) Instructions for each router vary; your best option is to visit the manufacturer’s support site to find out how.

Linksys router setup page screenshot
Linksys router setup page screenshot

You also need to make sure your router’s internal sofware (aka firmware) is up to date. Last February, security researchers Team Cymru discovered a security hole in more than 300,000 routers that could allow a remote attacker to hijack any home network and access all the machines attached to them. Again, the router maker’s website should have information on how to update firmware; some will let you set the router to update itself automatically.

If you’ve recently bought a new router, register it with the manufacturer, either online or by mailing in the reg card that came in the box, suggests Robert Siciliano, online security expert for McAfee. That way you’ll be notified if there are any security updates available.

Read: WiFi 101: How to Buy Your Next Wireless Router

2. Install antivirus software and keep it up to date.
This should be obvious, but according to Microsoft’s annual Security Intelligence Report, one out of four PCs in the US is not running up-to-date antivirus software, making them nearly six times more likely to get infected than those that are. The numbers for mobile devices are downright shocking — only one in 20 smartphones is protected, says research firm IDC.

Malware scanners won’t catch everything, admits Stephen Cobb, senior security researcher for ESET North America, makers of security software for PCs, Macs, and Android devices. But a properly licensed anti-malware program can protect you against the vast majority of online threats, even some “zero day” threats that have never been seen before, he adds.

At the moment, malware that targets phones and tablets is still somewhat rare. Over the next couple of years, that is guaranteed to change. Fortunately, there are plenty of security apps for your mobile devices, many of them free. Some of the top iPhone security apps are made by Trend Micro, McAfee, and Lookout Mobile. Aside from ESET Mobile Security, you can find highly recommended anti-malware Android apps from Avast and Avira.

3. Update your operating systems early and often.
Attackers love crawling through holes in your computer’s operating system, which is why you always want to be running the latest version of your OS. Yet, according to security vendor Secunia, nearly 13 percent of operating systems aren’t up to date.

OS X update screenshot
OS X update screenshot

The easiest way to keep Windows up to date is to tell it to automatically download and install updates as they appear. This will cause your system to reboot, which could thoroughly bollix any work you haven’t saved, although the system will alert you before a reboot. (Security updates are usually distributed every second or fourth Tuesday, so you can also plan ahead.) In OS X, you’ll want to go into System Preferences, launch the App Store app, and make sure it’s set to automatically install security updates.

4. Patch your software till it hurts.
You know those seemingly constant reminders to update various bits of software? Odds are it’s because there’s a security hole that needs to be plugged. According to Secunia, one in nine software programs is left unpatched. And two of the least frequently updated programs — Oracle Java and Adobe Reader — are also among the most vulnerable to attack.

Yes, updating software is a total pain. Fortunately for Windows owners, Secunia’s free Personal Software Inspector (PSI) can scan all your software, automatically locate any necessary updates, and install them automatically. The bad news? You’ll have to scan each computer on your network separately, and there are no consumer-friendly auto-patch options for Macs.

5. Ditch outdated applications.
Once software has reached the end of its commercial life and the publisher has stopped supporting it, it’s really time to move on. (I’m talking to you, the 24 percent of people who still run Windows XP.) Why? Because if some enterprising hacker finds a new security hole, there will be no patch to add. You’re a sitting duck for any new exploit.

Read: Still on Windows XP? Here’s Some Bad Advice

6. Get real about passwords.
Until something better comes along, we are still mostly stuck using passwords to protect our most sensitive devices and accounts. Hopefully you’ve read enough stories about people’s accounts being hacked because they used “password” as a password to choose a more complicated one — the longer, the better. Or use an encrypted password manager like 1Password, Dashlane, LastPass, or MaskMe to generate complicated passwords and remember them for you. Don’t make me come over there.

Read: Weekend Project: Fix Your Passwords

7. Turn on two-factor authentication.
Even complex passwords can be cracked with enough effort, Siciliano notes.

“A determined hacker can use a plain ol’ laptop to crack long passwords,” he says. “Tools to do the dirty work are available for free or just a few bucks.”

Two-step verification setup screenshot
Two-step verification setup screenshot

Adding a second “factor” — like a PIN code sent via SMS that you have to enter into a form along with your password — helps cut down on a stranger’s ability to access your account. If someone attempts to access your account from an unknown device, you’ll receive an alert, giving you an opportunity to go in and change your password before the bad guys get your stuff.

Read: How and Why to Turn On Two-Step Verification for Your Apple, Google, and Yahoo Accounts

8. Wipe your old hardware.
Old hard drives, USB sticks, phones, and backup discs can be chock-full of highly personal data as well as passwords and other log-on credentials. Make sure to wipe them clean before you resell them. Or physically destroy them before you recycle.

Read: Five Things You Must Do Before You Ditch Your Old Gadgets

9. Shut up on social media.
You don’t have to go dark on Facebook or bury your Twitter account. But you don’t need to share every facet of your life with total strangers, either. Avoid exposing personal information that could also be the answer to password reset security questions (your mom’s maiden name, your first pet, your high school, and so on).

Jennifer Lawrence
Jennifer Lawrence

Jennifer Lawrence. (Associated Press)

This kind of information helped hackers break into the iCloud accounts of Jennifer Lawrence, Rihanna, and other celebutantes. Don’t let it happen to you or your kids.

Read: 9 Rules for Keeping Your Photos Safe Online

10. Rally the troops. 
Remember how I said that in an earlier, more innocent time, you were usually OK as long as you didn’t do anything stupid? That advice still applies, but the definition of “stupid” has expanded to clicking on unexpected mail attachments, falling for phishing emails, visiting dodgy websites, and oversharing on social media.

You’ll need to call regular family meetings to make sure everyone understands the risks and is playing by the same rules, Kaiser says.

Read: How to Avoid Phishing Scams

No bones about it — playing family chief security officer is a crappy job. But if you don’t do it, you not only put your family’s finances and information at risk, but you also make the Internet a little less safe for everyone. Cybersecurity really does start at home.

Questions, complaints, kudos? Email Dan Tynan at ModFamily1@yahoo.com.