Nearly half of employed Americans now work from home at least part of the time. However, one of the key pieces of technology enabling this workstyle may be creating significant security issues that reach beyond the home office and into the enterprise network.
The Wi-Fi routers used in most home networks often contain vulnerabilities that can be exploited by hackers to spread malicious software. An infected router can spread malware to all devices connected to the wireless network, and then on to any corporate systems that employees connect to from home.
A new study by a consumer nonprofit has found that five out of six home routers are inadequately updated for security flaws. In its analysis of routers from 14 different vendors, the American Consumer Institute found an average of 172 vulnerabilities per device, with more than a quarter of those rated as “critical” or “high-risk” flaws.
Most of the vulnerabilities stem from unpatched firmware. Although router manufacturers typically roll out software updates throughout the year to address such vulnerabilities, most of these devices don’t have any type of automatic-update mechanism. Users must find, download and install updates on their own. That doesn’t happen very frequently. In fact, even IT professionals rarely do it. A survey from a few years ago found that fewer than half of IT pros had recently updated the router firmware in their homes, and most weren’t sure if they’d done it correctly.
The issue of home router security was in the spotlight last year when researchers discovered the so-called KRACK (Key Reinstallation Attack) vulnerability. This flaw in the Wi-Fi standard gave attackers an opening to conduct man-in-the-middle attacks that could expose a wealth of personal information such as usernames, passwords, bank account numbers and more.
More recently, the FBI warned of a resurgence of a once-dormant Russian botnet that is targeting wireless routers from Linksys, MikroTik, Netgear and TP-Link with malware known as VPNFilter. Unlike other threats, VPNFilter is capable of maintaining a persistent presence on an infected device, even after a reboot. VPNFilter has a range of capabilities including spying on traffic being routed through the device. From an enterprise perspective, this malware is unique because it seems to have been designed to use home networks as a gateway into SCADA industrial control systems. Analysts say it has special, dedicated code specifically created to intercept SCADA communications.
Given the risk of malware propagating from home networks to the corporate network, organizations should take an active role in guiding remote employees on how to boost router security. For instance, you should consider sending periodic bulletins with update reminders and instructions for changing passwords and performing router resets, along with links to manufacturer firmware updates. You could also work directly with manufacturers to arrange email security updates.
Another option would be to encourage remote employees to upgrade to newer routers that provide automatic updates. Some router manufacturers, including D-Link and Netgear, have responded to recent threats by partnering with security firms to offer malware protection and other services through their products.
Remote working offers a wealth of benefits for both employees and employers. Studies find that employees are more productive, happier and healthier when they have the option to work from home. Employers can cut costs through lower turnover and reduced office space requirements. Nevertheless, both parties must understand the risks involved and take steps to ensure that an insecure Wi-Fi router doesn’t open the door to serious security issues.