
I work at a WeWork and am surrounded by about 5 different IT / coding type of companies. They apparently hacked me somehow, I don't know how, whether it was Bluetooth or using WeWork Wi-Fi, or maybe the screen sharing app used to control monitors WeWork uses or the Papercut print client. Somehow they were on my PC, as if they were controlling it (like a screensharing remote access app). They apparently thought it was funny, messing with stupid stuff like my volume settings, moving files on my desktop, writing in a Word document. However, I'm not playing... I want everything on lockdown but I'm no pro.

What steps would an IT pro do if they were in a shared office environment to put their PC on lockdown?

Things I did:

  • Changed all my passwords to strong passwords, and am keeping different passwords for my important points of entry. Ex. different passwords for home router, Microsoft 365, Google, etc.

  • Started connecting to the network by Ethernet cable. Leaving Wi-Fi and Bluetooth turned off.

  • Connect to VPN.

  • Started using Norton 360, I believe Windows Defender still runs too.

What else should I do?

  • fresh install of Windows?
  • get an encrypted router to connect to WeWork Ethernet?
  • switch to Mac?
  • stop letting Google Chrome store passwords? I mean, if they can access my PC and see the screen, all they have to do is go into Chrome settings and they can expose all my passwords immediately.

What steps would you recommend? I have a Surface Pro (5th gen) running Windows 10 Pro.

The original hacking occurred almost 2 months ago, at which time I did the 'things I did'... and believed I kicked them off? I'm not so sure. I've been using the Ethernet cable & VPN for about 2 months with no issues. Just the other day I started having this problem: when I would come into the office and plug in and start up, it would not connect to the network automatically. I couldn't figure it out; I checked my Ethernet connections and they seemed good. I went into network adapters, disabled/enabled, and the internet works perfectly. Have had to do this 2 days in a row now every time I boot up. I have a friend in IT I was telling about this yesterday; she said it sounds like they are still on my PC or they are 'snooping' and that's why I have to disable/enable my router. She says I'm 'kicking them off' most likely. Can anyone comment on this?

schroeder
  • You have to break the whole network set-up in order to fully ensure detachment, generally speaking this can take a minute. But because this is a regular joke of one other employee, you can create some separated "place" on the level you are. Interesting: https://www.researchgate.net/profile/David_Chadwick3/publication/242152206/figure/fig5/AS:298643383963675@1448213539792/Combining-permissions-with-the-role-hierarchy-to-determine-what-can-be-delegated.png – tungsten Sep 21 '19 at 12:23
  • Looks like a continuation of this problem?: https://security.stackexchange.com/questions/214609/how-do-you-secure-your-pc-and-wifi-at-a-shared-office-co-working-space-like-wewo – schroeder Sep 21 '19 at 12:54
  • The reason for this question is the current network issue. There is no reason to think that network connectivity problems are the result of hackers. They sound like network connectivity problems. When you see hoofprints, think "horses" not "zebras". – schroeder Sep 21 '19 at 12:57

1 Answer

Sounds like you need to do a bit more to reduce your attack surface. While you have already done a lot of things to improve your situation, which is good, unfortunately you have absolutely no control of your physical network, which is generally the source of most hacking attempts. This is compounded even further by the fact that it is a shared network and you have no idea what is happening on that network. For all you know, someone sitting a few desks down could be Wiresharking (eavesdropping) all your network traffic.

So with that said and assuming you are not experiencing any problems on your home network, here are a few steps I would advise you to take to start with.

  1. First off, back up all your data and personal files, VERY IMPORTANT to do this properly as you don't want to lose any data.

  2. Do a fresh install of Windows 10. This is an important step because it may well be that you have some form of malware on your machine that you don't know of and your AV is not detecting it.

  3. After doing a clean install of Windows, install the latest updates and drivers for your PC and then try using Bitdefender Total Security. Norton 360 has a very low detection score and I would strongly advise against using it. The firewall on your PC is the very last line of defense against hackers and malware/spyware/ransomware etc. You want to make sure you have the best level of protection available to you.

  4. After installing your AV, go to your network adapter settings and change your DNS to 1.1.1.1 (Cloudflare) or 9.9.9.9 (Quad9). If you don't know how to do this, Google is your friend.

  5. Download and run Shutup10 or something similar. It reduces Microsoft bloatware and improves the security on your PC by disabling a number of hacker-friendly breach points.

  6. Since you use Chrome, you should then install a few security extensions on it. The most popular ones are:

    • Cookie AutoDelete
    • uBlock Origin
    • HTTPS Everywhere (EFF)
    • Privacy Badger (EFF)

  7. Disable anything you can that involves IoT connections. Try not to use them at all. If you do have to use something over WiFi or Bluetooth, disable the adapters straight away after using them.

  8. Grab an external USB drive, encrypt it with a strong password, and then install an offline password manager like KeePassX on it for all your passwords. It is a bit tedious to start with but once you have everything in it, it is very easy to manage and maintain. Then, when you need to provide usernames, passwords or anything sensitive, you will simply right-click, copy-paste them into the appropriate places when working online. Once this is done, get rid of all your Google passwords and turn all that kind of stuff off.

  9. Add two-step authentication for all your online accounts. If you use a mobile phone, grab something like FreeOTP and use it for everything you can.

  10. Keep using your commercial VPN to connect to the outside world when you are in the WeShare office. Most VPN providers also have an extension available for your web browser. If so, grab it and use it as well.

  11. If you are interested in going down the path of setting up your own router, then grab something that has the capability of installing third-party firewall firmware like DD-WRT, OpenWRT, or Tomato. If you are really keen, you could go all out and set up a pfSense box!

There are many other things that can be added to this list but this is a solid starting point.

tamosa
  • 1. No, I am not using any router. I have a Surface Pro (5th gen) hooked up to a Surface Dock with an Ethernet cable in the Surface Dock going straight to the wall jack provided by WeWork. At home I use my Verizon Fios router; it uses WPA2-Personal encryption. 2. I use Private Tunnel VPN. I just started using Norton 360, which also has a VPN, so I guess I've paid for 2 options, but figure I have to use 1. 3. I have my own printer, connected by Wi-Fi to the WeWork network. WeWork also has their printers, which I access by the network and their Papercut client until my free prints are gone. – user2156473 Sep 21 '19 at 11:52
  • Would doing something like switching to a Verizon mobile hotspot (they have 5G where I am) be more secure than a hardwired connection to the WeWork network? – user2156473 Sep 22 '19 at 00:11
  • Absolutely! Getting off that shared network would be most ideal. However, you still need to consider the possibility that your actual devices have been compromised. Switching networks will not help you if you already have malware on your machine. Follow the steps I provided and see how you go. Also, do you have an alternative way of getting your printing done? One option would be to drop your files onto a USB and physically print them from the USB rather than connecting to the WiFi device on the WeWork network. – tamosa Sep 22 '19 at 00:43
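
Steps 4 and 7 of the answer above, plus a check for the remote-control symptoms described in the question, as PowerShell for an elevated prompt on Windows 10. This is an added example, not part of the original answer; the adapter names are assumptions, and the Public network profile and the Remote Desktop / Remote Assistance checks are additions the answer does not list.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original answer. Adapter names are assumptions:
# run Get-NetAdapter first and adjust them to match your machine.
$WiredName    = 'Ethernet'   # assumed name of the dock's wired adapter
$WirelessName = 'Wi-Fi'      # assumed name of the Wi-Fi adapter
$Resolver     = '1.1.1.1'    # or '9.9.9.9', the two resolvers named in step 4

# Step 4: set the DNS server on the wired adapter, then read it back.
$wired = Get-NetAdapter -Name $WiredName -ErrorAction Stop
Set-DnsClientServerAddress -InterfaceIndex $wired.ifIndex -ServerAddresses $Resolver
Get-DnsClientServerAddress -InterfaceIndex $wired.ifIndex -AddressFamily IPv4

# Addition to the answer: mark the office LAN as Public so the stricter
# Windows Firewall profile applies to it.
Set-NetConnectionProfile -InterfaceIndex $wired.ifIndex -NetworkCategory Public

# Step 7: turn off the radios that are not in use. Disabling the Bluetooth
# class also disconnects any paired Bluetooth mouse, keyboard or pen.
Disable-NetAdapter -Name $WirelessName -Confirm:$false -ErrorAction SilentlyContinue
Get-PnpDevice -Class Bluetooth -Status OK -ErrorAction SilentlyContinue |
    Disable-PnpDevice -Confirm:$false

# Addition to the answer: are the built-in remote-control features switched on?
$ts = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$ra = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance'
[pscustomobject]@{
    RemoteDesktopEnabled    = ($ts.fDenyTSConnections -eq 0)
    RemoteAssistanceEnabled = ($ra.fAllowToGetHelp -eq 1)
} | Format-List

# What is listening for, or holding, network connections, and which process owns it.
Get-NetTCPConnection -State Listen, Established |
    Where-Object { $_.LocalAddress -notin '127.0.0.1', '::1' } |
    Select-Object State, LocalAddress, LocalPort, RemoteAddress, RemotePort,
        @{ Name = 'Process'; Expression = {
            (Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue).ProcessName } } |
    Sort-Object State, LocalPort |
    Format-Table -AutoSize
```

A `Listen` row on a non-loopback address, or an `Established` row owned by a process you do not recognise, is the place to start looking before and after the reinstall in step 2.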