It is more common than ever for executives to work from home. According to a survey by Marcum and Hofstra University in 2022, less than half of CEOs have returned to the office full-time and a quarter plan to work a hybrid schedule indefinitely.

As such, companies are having to adjust their workforce and business planning strategies to accommodate hybrid models. But how many of these plans account for cyber risk on home networks?

The trouble with home networks

Home computers and networks are low hanging fruit for the bad guys. One in three home devices are infected with malicious software, according to CISA. While home networks face 100 new threats every month.These statistics are alarming for several reasons:

  • They compromise digital privacy: Because of their poor security posture, home networks are a target for threat actors seeking sensitive information about executives and their families. Once the home network is breached, cybercriminals can pivot to a system that has critical data on it (like a work computer or server) and/or view IoT devices (such as cameras or Alexa’s and listen in on private conversations).
  • They put corporate assets at risk: The bad guys can also exploit unprotected or compromised home devices and networks to conduct man-in-the-middle attacks, eavesdrop on corporate communications, compromise business email, or access corporate resources and systems and exfiltrate sensitive data.
  • They make it easy to extort and harm executives and their families: Hackers can even use the information they glean on home networks to threaten children or even attempt sextortion using home video recordings.

Home network intrusion isn’t complicated

One of the chief techniques that cybercriminals use to penetrate home networks is IP address scanning. This is a relatively easy process and involves scanning specific IP addresses or blocks of IP addresses looking for open ports, live hosts connected to the network, and vulnerable equipment (such as routers with outdated security controls). When they get a response, the cybercriminal then tries to penetrate the open port using a default or breached password or uses an exploit that takes advantage of a weakness in a device or service.

Many of the tools that can perform this initial scanning are widely available, free, and work automatically – making them highly attractive to newcomers and less tech-savvy hackers. Websites can also do the scanning for the bad guys using a web interface that detects certain types of equipment, like home security cameras (an easy target for hackers looking for access to the home Wi-Fi).

Protecting your home network from cyberattack

Unfortunately, executive protection at home is a major gap in cybersecurity. Due to privacy, legal, and other considerations, CISOs can’t simply extend the cloak of corporate security to executives and their families at home. So, what are your options?

Let’s look at the minimal security steps that executives should have in place while working from home.

1. Refresh your old firewall/router

Many home Wi-Fi networks and devices come with a firewall as standard. But these firewalls, many of them embedded in consumer-grade devices, like routers, fail to notify users when updates are available – leaving them vulnerable to hackers. Firewalls require regular patching and security fixes – something that homeowners rarely think about – so a router with a firewall that automatically updates its firmware is an important first line of defense. Even with these updates, you’ll still need more than a firewall to protect your home network.

2. Harden your router

WPA3 is a relatively new encryption standard for routers. It ensures that only authorized users hop on the home network and offers a level of privacy protection for data transmitted over the network. If your router doesn’t support WPA2 or WPA3 it’s time to update.

3. Establish a guest network

Create a separate guest network from your home network and IoT devices. You can do this through your router’s settings. Make sure the guest network is also encrypted with WPA3. Again, we can help. You can use guest networks to allow your friends and visitors to connect to the Internet when at your home, but if their devices are compromised, the bad guys can’t access your private network.

Now that full-time office-based work has become a thing of the past, being diligent about home digital privacy and security controls is critical to protecting executives, their families, and their companies.

Home network security as part of digital executive protection

BlackCloak performs weekly penetration testing and regular scans of  home networks to detect malware, botnets, and other security issues. We also help prevent decisions children and family members make online from resulting in a compromise.

Download our Network Security Data Sheet to learn more about how we help protect the home networks of board members and high-access employees.