Ever wondered if you may be exposing devices on your network to malware, simply by being on the same WiFi?

In today’s post we set out to answer this question! To fend off the allegations of clickbait (haha) - generally speaking, no, it’s very uncommon that viruses or other malware will spread through your network like in the movies. To answer why though, we’ll need to dive a little further into how most malware works. In another post, I mentioned that the most common attack on personal computers BY FAR is phishing. Per and infographic published by CISA, phishing is so effective that [within the first 10 minutes of receiving a malicious email, 84% of users interacted with it by either replying or clicking links / attachments.]

There’s nothing you can do to save your wifi - right?

What that means for your home systems is this - if you are successfully phished, you may have just handed over access crednetials that will allow the attacker to take control of your system and then leverage those credentials to start attacking other devices on the same network, using those credentials. For example, suppose you had an entertainment server running on your WiFi that you connect to remotely from a smaller, more portable machine like a laptop. If successfully phished, you may have just handed over the credentials that you use to connect to that server remotely to an attacker!

This type of thing is more common when suffering from a malicious actor gaining remote access to your machine, but these usually take the form of “Tech Support” scams where you receive a vague communication that your computer is compromised, and you need to call a number and sign up for some sort of paid computer maintenance program. While different than simply interacting with a malicious email - it’s important to note that phishing is simply a form of social engineering, and these phone scams that ultimately open your computer up to remote connections function by exploiting the exact same thing. People have a natural curiosity for things they don’t understand and have a natural tendency to want to investigate. I’d go so far as to say that the simple act of trusting a stranger (who in this case is sending malicious emails) is a very human thing to do! These natural tendencies can lead someone to plug in a USB stick that they found in a parking lot, or open that random email from their “bank” alerting them that their account is overdrawn and can only be fixed by an emergency deposit into another account - these examples go on and on!