FBI and DHS Urging Router Owners to Reboot Devices to Thwart Cyber Attack
Washington, DC – The FBI and Department of Homeland Security have issued an urgent warning for all users of home or small office routers to reboot their devices in a bid to disrupt malware from foreign cyber criminals. The malware, known as VPNFilter, is believed to have been developed by a Russian state-sponsored hacking group. Left unchecked, it can collect personal information and even destroy firmware, rendering infected devices useless.
“Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide,” wrote the FBI in its alert. “The malware is able to perform multiple functions, including possible information collection, device exploitation and blocking network traffic.”
Cycling the power of the routers – unplugging them, waiting a few seconds, then plugging them back in – can, at least temporarily, thwart the malware, which targets routers produced by several manufacturers – including Linksys, MikroTik, Netgear and TP-Link – and network-attached storage devices by at least one manufacturer.
“Rebooting affected devices will cause non-persistent portions of the malware to be removed from the system,” wrote the Department of Homeland Security.
The agencies also recommend disabling remote management settings on devices, securing them with strong passwords and encryption, and upgrading to the latest available versions of firmware.