Small Business Internet Security question

Question

Hello,

My wife opened her Law firm last year, Her building management gave access to their internet to her. It is a Public wifi. Recently there have been some hacks on her Business Computer because she was using the public wifi. I originally had asked her to stop using the public wifi because I know its unsafe, but since she is not too tech savvy she kept using it. One of her colleagues got her the tp-link tl-wr841n router to use instead of the public wifi.

I also called the business management, they said they can provide her with direct ethernet cable to connect, rather then using their public wifi.

My question, what is the safest method for her internet usage? so she wont be a target of hackers again, tp-link tl-wr841n router**,** ethernet cable from the building management or anything else? Please help. I am kind of confused about this aswell.

Answer 1

Hello

Thank you for your question and reaching out. I can understand you are having query\issues related to Internet Usage.

Please note that TP-Link is just router or Device to provide Internet on your computers from ISP , they are also Public in some type.

Please use Strong password on your TP-Link router Admin page and WIFI access profile

Also , Switch Off Router during Night time or when its not used.

Please inform her to Install and Use latest Antivirus software and keep it updated.

Protect your Microsoft or any other accounts using MFA.

--If the reply is helpful, please Upvote and Accept as answer--

Answer 2

The best thing is to avoid WiFi altogether. WiFi permits beyond the physical perimeter attacks. The attacker could be sitting in a car outside her window. Have building management provide her the ethernet cable and plug it into the WAN port of the router. Then buy a USB ethernet adapter + cable and plug that into the router's LAN ports. ( I assume she is using a laptop with no ethernet ) And most importantly turn off the WiFi of the tp-link router. A router can be considered as a firewall of sorts..

That said, the attack may not have originated from WiFi. The most effortless hack nowadays involve email. All the attacker has to do is convince her to click on the link of an email and the attacker is inside.

Have the computer looked at by some company specializing in security. There is no telling what the hacker has installed. It may be a keylogger, or it may be a remote access tool. If the latter, then the attacker has remote control of her PC. And all the routers in the world cannot help you, as the hacker will be connecting outbound to his server. Hackers don't use common malware, and they also test to see that their tools don't get detected by name brand anti-malware, like Windows Defender. So having the PC looked over by a security professional is essential. Ask your banker friend or insurance friend to hook you up with somebody from their IT Security department if possible. The big finance firms have all the security talent.

Now would be a good time to backup her data files if an existing regiment does not exist. You'll never know if the hacker is scouting around waiting to deploy ransomeware.

Answer 3

Hi

I found your thread here by googling "colleagues got her the tp-link tl-wr841n router". Most posters post on several sites to get more answers, that's normal. And since the moderator closed your thread, I had no choice but to post here.

Let me eat my words from our previous message. No you don't necessarily have to invest in a $400 firewall. A plain router is a sort of firewall. They just offer less protection - no firewall rules, no layer 7 inspection protection. And I have looked at Regus's web page on their protection. It seems they use VLAN's and they employ penetration testers. They did mention phishing email based attacks, but did not say how they address it. They maybe inspecting email for phishing, but of course they cannot tell customers that they are inspecting (reading) their email.

Are you going to find outside help as per above? Or do you want to resolve this on your own?

Answer 4

Hi Thanks. I talked to Regus yesterday, they keep insisting to use their ethernet cable. Because then it will be a one point connection rather the WIFI. I have asked my wife to get their ethernet cable. Regarding ethernet cable, should we connect to the Tp link router port, or the office room internet port, provided by Regus? Or it the same thing? Which is safer way? Also my wife will be calling her bank today and we will ask them all the questions, including if they know the origin point of the hack. Also I have asked my wife to be really careful about checking any emails. As for outside help, yes definitely this will be next step, Im looking in to which IT consultant I can connect with who is a expert on internet security. One issue though is, my wife also does her banking by phone and have passwords saved there, its possible the hack was from her phone too. She did use Regus Wifi on her phone, she told me. I guess I can ask the security expert to check her phone.

Answer 5

When Regus provides the ethernet, connect it to the TP-Link WAN port, and then from it's LAN port connect to her computer. That way, you have a sort of firewall between their network and yourself. And then, switch off the WiFi on the TP-Link.

Good thinking about the cell phone. It maybe the source of the hack.

Tell her to use her cell phone data plan, it is safer than WiFi. Also, the advice regarding clicking on links applies also the SMS messages, WhatsApp and whatever social media app she uses. I am not 100% sure that clicking on WhatsApp links will execute code, but it is better to be safe than sorry.

Also, just as you do Windows Update to patch security holes on Windows, you have to update your apps on the cell phone regularly, just go to the App Store and do updates from there. For instance. WhatsApp has been hacked a few years ago and it affected the entire population of users. And the vendor quickly supplied a patch. But if you don't update, you won't get any protection. Also you have to patch the phone itself. Cell phone manufacturers now offer more frequent patches.