1. A DIGITAL LIFE E-GUIDE
What to Expect
When You’re
Connecting

3. “Did you remember to lock the door?” When you’re not at home, this
question can cause a lot of anxiety. Before, you’d probably make a
mad dash back to check, but not anymore. Now, you can do it with
just a glance at your phone.
Locking doors when you’re miles away is just one of the activities
Internet-capable appliances make possible. Smart TVs let you
program the shows and ads you watch. Smart refrigerators make it
easy for you to buy groceries online and keep track of stored items.
With these new devices requiring constant Internet access, it makes
sense to have a single hub to manage all of these gadgets. This is
where a home network comes in. It allows you to share files, other
devices like printers, and Internet access among all your devices.
But does setting up a home network mean you can immediately
connect your devices to it? Not really. Your devices may not have
built-in security features, so securing your home network is important
to protect them against attacks by bad guys.

4. Privacy Interrupted
Internet-capable devices, like smart TVs, are fun to have around since they can be
customized to your liking. Your TV can suggest programs and switch ads for ones
you find interesting. But this kind of personalization can get too personal.
Manufacturers and platform developers are considering using facial recognition1
and cameras2
to deliver targeted content. Cybercriminals can take advantage of
these developments to invade your privacy. They can hack smart TVs and use the
built-in cameras and microphones to spy on you.3
They can even collect footage
of you for blackmail or identity theft.
Control Issues
A home network lets you control all of your devices with ease. Sadly, it also makes
it easier for cybercriminals to break into your home. By hacking into your network,
they can remotely control your automated system to open locks and doors.4
Identity Crisis
You may think your personal information is nobody else’s business, but
cybercriminals think otherwise. Bad guys who hack into your network use special
tools to sniff out your credentials, accounts, and other sensitive information being
transmitted to and from your devices.5
Accidentally an Accessory
Cybercriminals might piggyback on your network to conduct their malicious
schemes. Not only does this use up your bandwidth, this also ensures that all their
malicious activities will be traced to your network instead of theirs6
.
1 http://www.reuters.com/article/2012/06/08/us-intel-tv-idUSBRE85706Q20120608
2 http://arstechnica.com/tech-policy/2012/12/how-to-get-targeted-ads-on-your-tv-a-camera-in-your-
set-top-box/
3 http://arstechnica.com/security/2012/12/how-an-internet-connected-samsung-tv-can-spill-your-
deepest-secrets/
4 http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-home-
automation-and-cybercrime.pdf
5 http://arstechnica.com/security/2012/12/how-an-internet-connected-samsung-tv-can-spill-your-
deepest-secrets/
6 http://arstechnica.com/tech-policy/2011/07/wifi-hacking-neighbor-from-hell-gets-18-years-in-prison/
Technical Difficulties

6. While there are different types of connections used for home networks, most
people tend to use Wi-Fi for convenience and ease. Typically, a home network is
made up of several components: the devices, an Internet connection, and a wireless
router. The wireless router acts as the center of your network since it shares your
Internet connection and other access to all connected devices.
WEP, WPA, and the Difference
Security settings in routers often offer two choices, Wired Equivalent Privacy (WEP)
and Wi-Fi Protected Access (WPA).
WEP is a protocol used for securing networks. While it encrypts data for security, it
uses static encryption keys that can be cracked. An FBI demonstration showed that
a WEP-secured network can be broken into in just three minutes7
. US-based retailer
TJX Companies experienced a data breach in 2007 due to lax security practices,
including the use of WEP.8
WPA, on the other hand, is the newer security protocol developed in response to
the inherent weaknesses of WEP.9
Unlike WEP encryption keys, WPA encryption
keys constantly change. This makes it difficult for any bad guy to use the same
attacks affecting WEP. WPA also includes a feature that prevents bad guys from
capturing, altering, and resending data.10
Default is a Fault
Your router’s administrator console comes with a default username and password.
And since most routers use the same credentials, bad guys with access to your
configuration settings can easily change your network’s security settings. This is
why it’s important to change your default credentials immediately.
You should also consider changing your network’s Service Set Identifier (SSID),11
the
unique name assigned to identify a wireless network. Fresh out of the box, a router
will normally have a default SSID containing the manufacturer’s name and the
model number. Cybercriminals see a default SSID as a sign that a novice set up the
network, making it an easy target.
Some recommend disabling your SSID broadcast so that it doesn’t appear on a
device’s list of available networks. Although this might seem like another layer of
security, cybercriminals can use “sniffer” tools to find “hidden” networks. You can
still hide your SSID as long as you use other security measures.
7 http://www.informationweek.com/fbi-teaches-lesson-in-how-to-break-into/160502612
8 http://www.theregister.co.uk/2007/05/04/txj_nonfeasance/
9 http://arstechnica.com/security/2008/11/wpa-cracked/
10 http://arstechnica.com/security/2008/11/wpa-cracked/
11 http://www.staysafeonline.org/stay-safe-online/keep-a-clean-machine/securing-your-home-network
Securing Your Home Network

7. Phrases Over Words
A private network is meant for a chosen few. Enable password authentication to
allow only selected people and their devices into your network. But rather than using
traditional passwords, opt for passphrases.12
Once passwords go over 8 characters, most attackers will try brute-force to get in.
It’s better to use a random set of words that are easy to remember, but avoid using
popular phrases.
Be Our (Authorized) Guest
You can also filter Media Access Control (MAC) addresses—the ID codes for devices
with networking capabilities. Filtering MAC addresses lets you create a list of devices
that can connect to your network. When you enter specific MAC addresses onto your
router’s control panel, it ensures that only those devices with the corresponding
addresses can access your network. Since MAC addresses can be spoofed,13
it’s
advisable to take other security measures with it.
Just because you’re sharing your bandwidth doesn’t mean you have to share
everything, including access to private files and folders. Set up guest accounts or
networks that act as separate networks for your friends and visitors. But first, check
the available settings to see the amount of security your guest network can provide.
12 http://blog.trendmicro.com/trendlabs-security-intelligence/password-insecurity-revisited/
13 http://www.techrepublic.com/blog/security/how-to-spoof-a-mac-address/395

8. Exposing your network to unsecured devices opens the door for threats like
malware and hacking. Before letting any smartphone, tablet, appliance, or
computer connect to your network, check their available security settings. What
are the available security tools on the device? Can you configure their default
settings? Admittedly, some Internet-capable appliances may lack security features
compared to mobile devices or computers. Install security software on your
mobile devices and computers for additional protection. Security software can
detect and block malware and other online threats from infecting your devices.
Personalization and convenience might be perks of an automated home but
not at the cost of security. With security measures in place, you can enjoy your
devices without any worries about malicious outsiders using them too.
Advice on Your Devices

10. Copyright ©2013 by Trend Micro, Incorporated. All rights reserved. Trend Micro and the Trend Micro t-ball logo are trademarks or registered trademarks of Trend
Micro, Incorporated. All other product or company names may be trademarks or registered trademarks of their owners.
TRENDLABS
TrendLabs is a multinational research, development,
and support center with an extensive regional
presence committed to 24 x 7 threat surveillance,
attack prevention, and timely and seamless solutions
delivery. With more than 1,000 threat experts and
support engineers deployed round-the-clock in labs
located around the globe, TrendLabs enables Trend
Micro to continuously monitor the threat landscape
across the globe; deliver real-time data to detect, to
preempt, and to eliminate threats; research on and
analyze technologies to combat new threats; respond
in real time to targeted threats; and help customers
worldwide minimize damage, reduce costs, and ensure
business continuity.
TREND MICRO
Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global
cloud security leader, creates a world safe for exchanging
digital information with its Internet content security
and threat management solutions for businesses and
consumers. A pioneer in server security with over
20 years’ experience, we deliver top-ranked client, server
and cloud-based security that fits our customers’ and
partners’ needs, stops new threats faster, and protects data
in physical, virtualized and cloud environments. Powered
by the industry-leading Trend Micro™ Smart Protection
Network™ cloud computing security infrastructure, our
products and services stop threats where they emerge—
from the Internet. They are supported by 1,000+ threat
intelligence experts around the globe.
LEGAL DISCLAIMER
The information provided herein is for general information and educational purposes only. It is not intended and should not be construed to constitute legal advice.
The information contained herein may not be applicable in all situations and may not reflect the most current situation. Nothing contained herein should be relied
or acted upon without the benefit of legal advice based upon the particular facts and circumstances presented and nothing herein should be construed otherwise.
Trend Micro reserves the right to modify the contents of this document at any time without notice.
Translations of any materials into other languages are intended solely as a convenience. Translation accuracy is not guaranteed nor implied. If any questions arise
related to the accuracy of a translation, please refer to the original language official version of the document. Any discrepancies or differences created in the
translation are not binding and have no legal effect for compliance or enforcement purposes.
Although Trend Micro uses reasonable efforts to include accurate and up-to-date information herein, Trend Micro makes no warranties or representations of any
kind as to its accuracy, currency or completeness. You agree that access to and use of and reliance upon this document and the content thereof is at your own risk.
Trend Micro disclaims all warranties of any kind, express or implied. Neither Trend Micro nor any party involved in creating, producing or delivering this document
shall be liable for any consequences, losses, or damages, including direct, indirect, special, consequential, loss of business profits or special damages, whatsoever
arising out of access to, use of or inability to use, or in connection with the use of this document, or any errors or omissions in the content thereof. Use of this
information constitutes acceptance for use in an “as is” condition.