The past several years have brought us news reports of computing systems being used aggressively against infrastructure:
We have also seen security problems in home IoT devices. Security problems have allowed spying as well as using these devices as bots in attacks against others. I think it is time that we start to apply some simple civil defense principles to our home computing systems, both our general-purpose computers as well as embedded. I have increased my work to protect my home information and devices for a few months and I plan to continue and step up my efforts.
Backups have always been important to protect information. Given threats from ransomware and other techniques that attempt to compromise devices on a machine or a network, I keep copies of my files offline, making them harder to attack.
The recent reports of router vulnerabilities caused me to review my router configurations.
I continue to check my device passwords: I use non-trivial passwords, a wide range of passwords, and I do my best to be sure that passwords are enabled and non-default.
I am also careful about what devices I put on my network—if I don’t need it, I don’t add it to my network. More devices make for more points of vulnerability.