Protecting your home and work devices against cyber attacks

German authorities and the UK’s GCHQ recently warned that Russian state-linked hackers are turning Wi-Fi routers into spying devices by exploiting vulnerabilities in home and office devices. The hackers are reportedly doing this to steal sensitive data such as passwords and authorisation tokens, with phones and laptops using the network most vulnerable to hacks. Microsoft’s Threat Intelligence team has identified more than 200 organisations and 5,000 consumer devices affected by the hacking.

What to do if your device has been targeted?

The first step is check the list published by the National Cyber Security Centre, which shows the routers that the Russians have targeted here. If your router has been affected, then you should start by having IT do checks to understand the impact, and then you should be talking with your lawyers and insurers. The lessons learnt from such an attack should have you review and adjust your security protocols, your approach to IT security, and ensure you have your business continuity plan in place. The reason you need to talk with lawyers is to understand if the hack has exposed you to contractual liability to your customers or suppliers. You will gain from understanding your risk profile early.

Key lessons for businesses

For businesses, this highlights how cybersecurity risks increasingly extend beyond corporate IT systems. Many employees now work remotely or hybrid and are accessing sensitive systems via home networks that may be far less secure than that in the office. A compromised home router can therefore become an indirect gateway into an organisation’s data. Learn more about the risks of hybrid working here.

Organisations should treat home networking equipment as part of their broader risk landscape and provide clear guidance to staff on cybersecurity. In terms of routers, do you have any audit of the systems your staff use? People may not understand how to secure routers, and keep patches updated and secure.

Another lesson is the danger posed by outdated or end-of-life devices. The National Cyber Security Centre (NCSC) has repeatedly warned that routers running old firmware are particularly vulnerable. Businesses that rely on secure communications and handle confidential information should ensure robust policies around device updates, multifactor authentication, and network monitoring.

What individuals should take seriously

For individuals, the attacks highlight how easy it is to overlook the security of “always-on” devices. Routers are often installed once and left untouched for years. Default passwords, outdated software, and exposed management interfaces create opportunities for attackers to gain long-term access without raising suspicion.

To protect your data, consider whether you have changed default router passwords and whether your software is up to date. It is important to install firmware updates promptly, disable remote management features unless absolutely necessary, and enable multi-factor authentication on accounts wherever possible.

Even strong passwords can be rendered ineffective if stolen via a compromised network. Using two-step verification adds an essential layer of protection and limits the damage if credentials are intercepted.

Takeaways

Cyber attacks are becoming less visible and more opportunistic. Rather than targeting specific individuals from the outset, attackers often cast a wide net, compromising thousands of devices before narrowing their focus to targets of interest.

In an environment where hostile actors exploit ordinary consumer technology, basic precautions, such as routine updates, secure configurations and layered authentication, can make the difference between being overlooked and being exposed.

If you have questions or concerns about cybersecurity and data protection, please contact James Tumbridge.