(Updated: 6-6-2018) Last week the U.S. Department of Justice and FBI took quick action to help stop a new malware threat named VPNFilter. The malware was specifically designed to attack network routers instead of the devices using them for network connectivity. This threat could make home and small office routers unusable and potentially could collect sensitive information that passes through it.
Statements have been issued by government organizations, requesting that routers are rebooted to cut off communication to the botnet. The list of targeted router manufacturers includes some of the most popular brands in-use:
- Linksys
- Mikrotik
- Netgear
- QNAP
- TP-LINK
- Asus
- D-Link
- Huawei
If your customers own any of these brands, it is critical that they re-boot the router. This can be done by simply unplugging the router and letting it sit for 60 seconds before plugging it back in. If your customers want to make sure they are doing everything they can to safeguard their router and network, they can also take the following steps:
- Update the router’s firmware. This attack could possibly target existing vulnerabilities that many routers have already patched.
- Change admin credentials on the router. If this information has been collected, the device can still be at risk or used in a future botnet attack.
- Disable remote-management settings that could be in place.
Even if customers are careful in how they browse, it is possible for hackers to take advantage of vulnerabilities in their hardware. It’s important to have a strong anti-virus solution in place like SecureIT, to help where it can to detect and block malware. Wi-Fi Support and Tech Home Support plans can also help with your customers questions on their Wi-Fi setup. (Note: Researchers continue to find more devices that are affected. It’s best to err on the side of caution and take action as soon as possible)
