Outside the box: home security

Tuesday 24th May 2016
Home data centres need security

Ubiquiti Networks has warned its customers about a worm targeting the company’s products by exploiting a critical vulnerability that was believed patched nearly a year ago. According to the wireless networking product manufacturer, the malware is designed to target routers, access points and other devices, running outdated versions of the airOS firmware, including airMAX M (airRouter), AirMAX AC, airOS 802.11G, ToughSwitch, airGateway and airFiber.

Ubiquiti says it has seen two different versions of the worm and they both leverage the same vulnerability to infect the company’s products. The flaw in question was patched in July 2015 with the release of airOS 5.6.2. The vendor has now released version 5.6.5, which contains additional security improvements and removes the malware from devices. A separate worm removal tool has also been released by the vendor.Cesare Garlati, (left) chief security strategist for prplFoundation urges  the following on securing IoT in the home where people can take a number of actions to improve security:

 

  • Update the software of the device at least once per quarter.  Vulnerabilities publicised has hackers scan these devices  to take advantage of them.
  • Don’t be afraid to purchase a new one if you suspect the vendor has not been taking security seriously.
  • Make sure the admin console on your home router is password protected. 
  • This is separate to the password used to sign in to the wi-fi.
  • Make sure you use the WPA2 protocol and protect it with a meaningful, strong password.
  • Activate Media Access Control (MAC) filtering –  set up your devices on your router using this unique ID so rogue devices cannot connect.
  • Turn off wi-fi protected set-up (WPS) after initial set up as it is not required, nor it is robust or reliable.
  • Do not open any ports on the router firewall – there is no reason for a household to be reached by the outside- regardless of vendor advice .
  • Never enable the Universal Plug ‘n Play (UPnP) feature on a device – it opens a port which can enable malware and attackers to get in.
  • Practice security by separation and take advantage of “guest network” feature on modern routers. 
  • Use this for people coming into your home and  for all of your high risk devices. 
  • Make sure this network has a different password.

Ultimately, users need to understand that their homes are becoming mini-data centres without an administrator.  They need to take more responsibility for the security in the connected home.  Realise that it’s not just about the box, but all the ways that they are exposed through 

Custom Search

Scotland, Computer News in Scotland, Technology News in Scotland, Computing in Scotland, Web news in Scotland computers, Internet, Communications, advances in communications, communications in Scotland, Energy, Scottish energy, Materials, Biomedicine, Biomedicine in Scotland, articles in Biomedicine, Scottish business, business news in Scotland.

Website : beachshore