How to Protect From Cyber Attacks While Working From Home

How to Protect From Cyber Attacks While Working From Home

 During the pandemic, daily habits such as the workplaces, work conditions and work methods of the people around the world are changing. Various employers say their employees to choose for working from home or let them work from home.

Companies such as Apple, Google and Microsoft stated that they will let their employees work remotely to help to prevent  COVID-19. The underlying idea is to keep people healthy and to help to prevent the spreading of the disease.

But this also brings certain liabilities. If you decide to work remotely, you need to consider the cybersecurity. Because experts state that the number of  “phishing” attacks that target the employees working from home is increasing.

In this article, we will give you some tips to prevent any exposure to cyberattacks while working from home.





1. Keep Your Devices Updated

Updates will help to patch the security vulnerabilities and protecting your data. Additionally, updates can add new properties to your devices or remove the old properties. Various companies provide individual work devices to their employees. According to Tom Patterson, head of security in a cybersecurity company, if a personal laptop or mobile phone is used to work from home and especially if these devices are shared among multiple individuals, the vulnerability against cybercrimes might increase.

The first step is to make sure to have the latest software update. This way, even though you are using an old device, your device will be secure with security patches.


2. Change Your WiFi Password

Although many individuals know how to regularly change their social media account, e-mail and other online service passwords, no one does that. This is extremely important to protect yourself from the attack. Change the default username and password of your Wi-Fi router as it will only take a few seconds to find this username and password. When you change your Wi-Fi password, try not to use simple passwords. Because cyber attackers create a list of passwords that are commonly used by ordinary people and check whether your Wi-Fi network has one of these passwords. Then, they try to penetrate your Wi-Fi network.


If you have any doubts about your Wi-Fi device, it is always better to have technical support. Other than that, you need to turn off your Wi-Fi device when you don’t use it. This method might seem simple but it has serious advantages. One of these advantages is to decrease the chance to be a target to cyber attackers.

Another method is to increase your Wi-Fi security. Choose the “Security Mode” (the name can be different in different devices) from device admin panel and select WPA2 option. On the time of this article was written which was 2020, this was the most secure encrypting method. If your encryption is different, you must change it immediately. Because other encryption methods can be broken easily.



3. Use VPN

VPN is the abbreviation of Virtual Private Network that helps to protect the sent and received data when you are working from home. VPN encrypts the data and enables a secure connection between two networks. This way, this secure connection prevents cybercriminals or other interested parties to see what you are doing on the internet.

At the same time, you can access to systems that are not open to the internet with a VPN. For example, you can easily connect to storage space, printer or another computer that you accessed with office network from your own home with VPN.






4. Be careful about mails about coronavirus

Cybercriminals are using the coronavirus pandemic to send e-mails with dangerous connections or malicious software to employees. For example, an e-mail might seem to come from the company authority and this e-mail might ask you to open a connection about new company policy for the coronavirus. If you click on the attachments or embedded connections, it is possible to download the malicious software on your device. Be careful about these situations and immediately inform the related teams or your employer.




5. Use Your Password Carefully

Passwords are one of the most common methods for identity verification. Malicious users mostly target passwords. E-mail password, a social media account password, website password etc. All of them can be a target.


If you visit a fake website and use your password on that website, the strength of your password will become meaningless. Because you will clearly deliver your password to malicious individuals.

In some cases, cyber attackers try to find passwords with trial-and-error. They constantly try these simple passwords (there are thousands of them) on systems. The stronger your password, the safer you are against these attacks. Well, how can you make your password stronger? We can say this has more than one answers.

  • You must not use adjacent keyboard key combinations as your password.
  • At the same time, you can check the most frequently used passwords around the world. If you have one these passwords, change them immediately.
  • When a password has numbers, capital letters, punctuation marks, it will become harder to guess the password.
  • The password must not have any information about you (birthday, name, age etc.)




6. Have Security Tests

Penetration testing is the security tests conducted by experts to determine the logical errors and vulnerabilities in the information system of an institution or a company, prevent any exploitation of these vulnerabilities by the cyber attackers and to make the system securer. The main purpose here is to exploit the related vulnerability without damaging the system and access to the system.

Generally, the number, time, motivation, skills and knowledge of a cyber attacker targeting your systems are more than the time, motivation, knowledge and skills of a cybersecurity expert. Checking and reporting any security vulnerabilities on an information system by a third eye is extremely important to prevent any cyberattacks. In today’s world where hundreds of new vulnerabilities emerge, pentest has become mandatory to protect the systems of the companies/institutions. Numerous companies/institutions only include critical systems to test due to the high cost. But there are no important or unimportant systems for attackers. The only important thing for them is to access the system. Generally, attackers target the least valuable or invisible systems of a company/institution.

40% of the companies reported that the number of cyberattacks increased when working from home. When the increasing number of cyberattacks from working from home due to COVID-19 is considered, companies or institutions must have a complete inventory and subject to security test at least once in every 6 months. Additionally, new software, applications, device etc. added to your information system when working from home must be subjected to security tests. It is important to remember that security is not a one-time job but a process.