SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Christmas tech gifts pose cybersecurity risks - ProofPoint
Wed, 23rd Dec 2020
FYI, this story is more than a year old

With Christmas around the corner, cybersecurity risks are on the rise, according to ProofPoint.

Fraudsters are targeting last-minute Christmas shoppers via email and hackers are targeting electronic devices that feature on many wish lists, from fitness trackers to video game consoles, that are designed for fun and function rather than security,

To help the many consumers who remain unaware of the security risks during this festive period, Proofpoint has collated a list of seven safety tips to protect consumers and prevent hackers from causing disruption, including advice on password strength and verifying legitimate applications and setting up devices safely and securely.

Proofpoint recommends consumers follow the below tips to ensure security concerns are front and centre during the festive season:

1) Reset the default usernames and passwords on your internet router and any wireless access points. Before you introduce new devices to your home network, examine your internet router or modem and any wireless access points you have to ensure you are following best practices. Too few people reset their default usernames and passwords and massive botnets are constantly scanning for vulnerable devices they can access by brute force. In addition, be sure you are running the latest security software. Consult your internet service provider (ISP) or router manufacturer's main website for how to log in, run an update, and apply the most secure settings.

2) Segment your network on your router. Most routers allow you to split off parts of your network so that so-called Internet of Things devices, gaming systems, and the like can't talk to computers or corporate devices that are also on your network. Segmenting makes it harder for a cybercriminal to move across your devices. Check with your ISP for ways to do it with your router.

3) Use a VPN whenever you connect work devices to the internet. This additional layer of security is critical to keeping your work safe from intruders.

4) Purchase products that allow easy firmware updates. When deciding on new devices – whether a new connected fridge or a sweet WIFI-enabled drone for the kids, make sure it's easy to update the firmware. Most vulnerabilities in these devices can be traced back to bugs in their underlying software.

5) Change default passwords and usernames when you set up new devices. The same security considerations for router defaults apply here.

6) Beware of the permissions on the apps that work with these devices. Too often they ask your phone for excessive permissions, which could open the door to data theft.

7) Research where data from your devices and related apps is transmitted and stored. They may not be subject to privacy regulations you might expect.