Your 2025 Home cybersecurity to-do List¶

Using MITRE ATT&CK’s four priority areas, here’s a comprehensive breakdown of where your home defences are probably failing—and how to patch them like a duct-tape-wielding IT admin.

Priority #1: Initial access (Keeping hackers out)¶

Gap: “My router’s admin page is wide open.”¶

Attack Technique: Exploit Public-Facing Application (T1190)

Why It’s Bad: Hackers scan for routers with default credentials (admin:admin) and hijack them.

Fix:

• Change the default login (use a strong password).

• Disable remote admin access (unless you want strangers controlling your Wi-Fi).

Gap: “I click ‘urgent’ emails like it’s my job.”¶

Attack Technique: Phishing (T1566)

Why It’s Bad: One click = malware or stolen credentials.

Fix:

• Install uBlock Origin (blocks malicious ads/redirects).

• Train yourself (and family) to hover over links before clicking.

Gap: “My ‘smart’ devices use the same password.”¶

Attack Technique: Default Credentials (T1078.001)

Why It’s Bad: Hackers use botnets to brute-force IoT devices (like cameras).

Fix:

• Change default passwords (yes, even on the smart toaster).

• Put IoT devices on a separate Wi-Fi network (guest mode works).

Priority #2: Execution (Stopping malware in its tracks)¶

Gap: “My kid has admin rights ‘for games.’”¶

Attack Technique: Abuse Elevation Control (T1548)

Why It’s Bad: Malware runs wild with admin privileges.

Fix:

• Create a standard user account for daily use.

• Use Windows Sandbox or macOS Gatekeeper for sketchy downloads.

Gap: “I download ‘cracked’ software.”¶

Attack Technique: Malicious File (T1204.002)

Why It’s Bad: Pirated apps = malware freebies.

Fix:

• Use VirusTotal to scan downloads.

• Ask yourself: “Is saving $20 worth a ransomware attack?”

Gap: “I ignore browser updates.”¶

Attack Technique: Exploit Browser Engine (T1211)

Why It’s Bad: Unpatched browsers = drive-by download paradise.

Fix:

• Enable auto-updates for Chrome/Firefox/Safari.

• Ditch old plugins (Java, Flash, etc.).

Priority #3: Persistence (Kicking hackers out for good)¶

Gap: “I never check running processes.”¶

Attack Technique: Process Injection (T1055)

Why It’s Bad: Malware hides in legit apps (like explorer.exe).

Fix:

• Use Task Manager (Win) or Activity Monitor (Mac) to spot weird activity.

• Install Malwarebytes for occasional scans.

Gap: “My backups are always connected.”¶

Attack Technique: Data Encrypted for Impact (T1486)

Why It’s Bad: Ransomware can encrypt backups too.

Fix:

• Use the 3-2-1 rule: 3 backups, 2 formats, 1 offline.

• Test restoring files (or discover too late they’re corrupted).

Gap: “I don’t monitor login attempts.”¶

Attack Technique: Valid Accounts (T1078)

Why It’s Bad: Hackers reuse stolen passwords.

Fix:

• Enable login alerts for email/cloud accounts.

• Use Bitwarden or KeePass for unique passwords.

Priority #4: Exfiltration (Stopping data theft)¶

Gap: “My cloud syncs everything automatically.”¶

Attack Technique: Automated Exfiltration (T1020)

Why It’s Bad: Hackers love stealing synced files.

Fix:

• Encrypt sensitive files before uploading (use Cryptomator).

• Review Google Drive/Dropbox sharing permissions.

Gap: “I don’t check email forwarding rules.”¶

Attack Technique: Email Collection (T1114)

Why It’s Bad: Hackers forward your emails to themselves.

Fix:

• Check Gmail/Outlook rules for hidden filters.

• Use YubiKey or TOTP for email MFA.

Gap: “My smart TV has a microphone/camera.”¶

Attack Technique: Audio/Video Capture (T1123/T1125)

Why It’s Bad: Hackers can spy through compromised devices.

Fix:

• Cover the camera (tape works).

• Disable always-on voice assistants (sorry, Alexa).

Future-proofing for 2025¶

Final checklist¶

• MFA EVERYTHING (Email, router, cloud).

• Segment your network (IoT ≠ banking devices).

• Assume you’re already breached (monitor logs).

• Teach your family (or suffer their mistakes).