What a Router Does
Routers typically can create at least two different networks, one for private use and one for guest access. Routers also connect multiple networks and forward packets destined for its own or other networks. All of your devices (laptop, phone, tablet . . .etc) therefore talk to the router, and the router in turn connects to a modem and protects your devices with a firewall.
Why Router Security is Important
A secure home router is an essential component of your personal information security as your router connects to the outside world, and may be targeted by automated scans and exploits that may not be visible to you. Additionally, please be aware of the following:
- Although your router does not store information, sensitive information passes through it when you access various online accounts and services, and this data can be compromised if your router is hacked.
- A compromised router can also be used to attack other devices on your local network such as your phone, tablet, laptop or smart devices, and can be used to launch denial of service attacks.
Security Focused Routers
Some users opt to purchase security focused routers which offer auto updates. However there are a number of factors to be considered when evaluating security focused routers. These types of routers can be costly and often offer limited customization ability and annual subscriptions for services. It is recommended that before swapping a device provided by your ISP, that you confirm that:
- the router provided by your ISP is a separate device vs. single device (known as a “gateway”) which contains both the modem and the router.
- you can bring your own device onto the network.
- all available ISP provided services will work with the router you’re considering.
- the router you purchase will continue receiving firmware updates (product life cycles are often short, so you want to be sure that you’re not purchasing an end of life product).
Examples of security focused routers include:
Configuring and Securing Your Home WiFi Router
The primary recommendation is that you change the default administrator username and password that comes with your router. For instructions and other recommendations for your home setup, please see the following article from the NJCCIC, How to Configure and Secure a Home Wi-Fi Router. A supplemental recommendation is to periodically reboot your router as some malware strains will not survive a reboot.
Additionally, you can periodically check to see a list of devices that are connected to your router. To do so:
- Go to an internet browser on one of your connected devices.
- Go to www.routerlogin.net
- Enter the router username and password
- Select Attached Devices
- To update this screen, click the Refresh button
If you see unfamiliar connected devices, you can change/reset your WiFi password.
DocuSign, a service used to share, distribute and electronically sign important documents has detected an increase in phishing emails sent to customers/users. The recent phishing campaign delivers unsolicited email with either an embedded URL or an HTML, PDF or Word attachment redirecting users to a spoofed login page designed to steal login credentials. Compromised DocuSign credentials could cause the exposure of financial and other types of sensitive/confidential information.
Noted email subject lines in this phishing campaign are:
- Your DocuSign
- Payment Confirmation
- New secure message
- You have a new document to review and sign
Phishing emails received may come from: firstname.lastname@example.org
DocuSign advises users to look for the unique security code at the bottom of a DocuSign notification email (as shown below). All DocuSign envelopes contain a unique security code. The unique security code allows users to access documents directly from https://www.docusign.com/
- Never open unexpected attachments or provide account credentials via embedded links in unsolicited email. Before opening an unexpected attachment, verify the legitimacy of the message/sender via a phone call or another means of communication that does not rely on information appearing in the message received.
- Instead of clicking on an embedded link to enter your credentials, go to the organization’s secure website to enter your credentials.
- Enable MFA (multi-factor authentication) on all accounts for which it’s offered. MFA will protect you from the results of phishing or credential compromise by requiring a second layer of authentication via a device that you possess (e.g., a smartphone, cell phone, landline . . .etc)..
- For information on NYU MFA, which protects your sensitive information on NYU systems, please click here.
As an update to our 1/4/18 post entitled Computer Chip Vulnerabilities: Meltdown & Spectre and our 2/26/18 post entitled Spectre Patches Available, please be advised of the following NJCCIC (New Jersey Cybersecurity & Communications Integration Cell) resource dedicated to the Meltdown and Spectre vulnerabilities. The Meltdown and Spectre Product Vulnerability and Update List
summarizes the incident and supplies an updated listing of vendor patches, mitigation strategies and updates.
A glitch in the pre-installed Samsung Messages texting app appears to be sending photos from Samsung Galaxy phones to random user contacts without their knowledge or consent. Further, there appear to be no records of these transmissions in sent folders. Affected users have become aware of the issue after recipients respond to the messages received.
It is recommended that Samsung Galaxy users disable the Messages apps access to the device’s storage and use an alternate messaging app, such as Android Messages. Please note that it is likely that users who disable the Messages app will lose access to prior messages and render the app unusable. The following are steps to disable the access of Samsung Messages to device storage:
- Go to Settings
- Select Apps, and choose the Messages app
- Select Permissions, and move the Storage toggle to disable or off.