To help prevent this situation happening, the National Security Agency (NSA) has released 'Best Practices for Securing Your Home Network', which is a set of cybersecurity tips designed to help remote workers protect their networks -- and themselves -- from cyberattacks and hackers.
"In the age of telework, your home network can be used as an access point for nation-state actors and cybercriminals to steal sensitive information," said Neal Ziring, NSA cybersecurity technical director. "We can minimize this risk by securing our devices and networks, and through safe online behavior."
Acording to the NSA, here are some of the most important things you can do you to help secure your network and devices while working remotely.
Use modern operating systems, applications, and browsers – then keep them up to date
Using the most recent version of an operating system and keeping it updated with the latest security patches is one of the best ways to keep your device safe from cyberattacks.
The most recent operating system is the one which will be the most supported, while older operating systems might eventually stop receiving updates -- meaning that security patches may not be available if vulnerabilities, which could be exploited by attackers, are uncovered after the cut-off point.
In most cases, the updates will come in the form of a prompt that encourages you to restart your computer -- something you should do as soon as you can.
The same goes for applications, software, and web browsers -- using the latest version means you'll be using the latest security updates, which will prevent cyber criminals from exploiting known vulnerabilities in software to conduct attacks.
Keep your router secure and up to date
Your internet service provider (ISP) provides you with a router to connect to the internet. Many people don't really think about this device much, leaving it hidden in a corner after it's been installed.
But your router is an important part of your networking set-up, providing a gateway in and out of your home network -- something that can be exploited by cyber attackers if it isn't secured properly.
The NSA suggests that, at a minimum, your wireless network should be segmented between your primary Wi-Fi, guest Wi-Fi, and IoT network. This segmentation keeps less secure devices from directly communicating with your more secure devices.
Use strong passwords – and keep them safe with a password manager
Your passwords are the key to your online life, so it's vital to make them secure -- especially the ones you use to access corporate cloud environments. All of your passwords should be unique and complex, so they're not easy for an attacker to guess.
While remembering many different passwords is a challenge, this obstacle can be overcome by using a password manager -- which should also be secured with a strong, unique password.
It's also important not to store any passwords in plain text on your device. This will prevent your accounts being accessed if your device is lost or stolen.
Use multi-factor authentication for your accounts
Using multi-factor authentication (MFA) -- also known as two-factor authentication (2FA) -- whenever possible can keep all of your accounts secure.
Ideally, your employer will provide an authenticator to link to your corporate accounts, but it's also a good idea to secure your personal accounts with MFA. Application-based or hardware-based security keys are the most secure option. If that isn't possible, SMS-based MFA is better than no MFA.
Use security software
If you're working remotely, you should be using an antivirus product, one that's hopefully been provided by your employer. But in order to stay safe, it's also a good idea to install antivirus software on your personal devices, too -- and it doesn't need to cost a lot.
Using antivirus software can alert you to potential threats, be they malicious attachments, websites or something else.
Follow email best practices
Email is one of the most common and most effective attack vectors for malicious hackers, who can use it to trick you into giving them access to your password, clicking a malicious link or downloading malware. However, by following best practices around email cybersecurity, it's possible to avoid falling victim to email-based attacks.
The NSA recommends that you should avoid opening attachments or links from unsolicited emails and that you shouldn't click on links in attachments from unknown senders.
If you are uncertain if an email is legitimate or not, if possible you should identify the sender via secondary methods, such as a phone call, and delete the email if you're told it isn't really them.
The NSA also recommends that you should never open emails that make outlandish claims or offers that are "too good to be true" -- like an unexpected suggestion of a bonus or a pay raise.
Be careful when using social media
Social media services such as Facebook, Instagram, Twitter, and others are a good way to keep in contact with friends and family -- but they can also be a prime hunting ground for cyber criminals and other malicious hackers looking to conduct attacks.
Avoid posting information, such as addresses, phone numbers, places of employment, and other personal information, that can be used to target or harass you. Some scam artists use this information, along with pet names, first car make or model, and streets you have lived on, to figure out answers to account security questions.
You should also ensure that your personal social media accounts are set to friends only, to prevent unwanted eyes from snooping on your profile.
Also, take precautions with unsolicited requests, especially from strangers -- attackers could use in-app messaging services to conduct phishing attacks or deliver malware.
Be cautious when using public Wi-Fi spots
One of the great things about remote working is that you can do it from anywhere, so maybe instead of working from home, you decide to work from the local coffee shop for the day.
Yes, it has an internet connection -- but do you know how secure it is? The NSA warns that "public hotspots are more susceptible to malicious activity" -- which means you should take additional precautions when using public Wi-Fi, preferably avoiding it altogether.
Instead, the NSA recommends using a cellular network, such as your mobile Wi-Fi hotspot or 4G or 5G connectivity. If you must use public Wi-Fi, the NSA recommends using a trusted VPN provider to protect your connection from malicious activities and monitoring.