FBI Issues Warning After Russia Malware Attacks: 'Reboot Your Routers'

The F.B.I. has issued a warning, asking the owners of hundreds of thousands of Internet routers to [...]

The F.B.I. has issued a warning, asking the owners of hundreds of thousands of Internet routers to reboot the device to prevent Russian malware.

The bureau posted an alert on Friday, warning Americans that "foreign cyber actors" have launched a worldwide attempt to breach small home and office routers and other networked devices. According to the alert, the attackers used VPNFilter malware, which is potentially capable of collecting information, exploiting devices and even blocking network traffic.

The bureau recommended that anyone who owns a home or office router simply turn it off and then turn it back on again to disable the malware. The attack targeted a huge range of devices, and investigators were unable to narrow it down by manufacturer or other categories.

"The malware targets routers produced by several manufacturers and network-attached storage devices by at least one manufacturer," the alert said. "The initial infection vector for this malware is currently unknown."

If left unattended, the malware has the potential to render routers completely inoperable. It can also collect information that passes through the router. So far, investigators aren't sure just how much detail the malware can collect, as it is masked by layers of encryption and "misattributable networks."

Luckily, the F.B.I. says that the solution is very simple. Rebooting the routers should temporarily disrupt the malware and help identify infected devices. Those who are using remote management settings on mobile devices are advised to disable them. The bureau also reminds everyone to use strong passwords and encryption wherever possible. The alert also added that updating firmware on network devices should help.

According to a report by arstechnica, the malware has infected at least 500,000 devices in the U.S. According to researchers from the security team at Cisco's Talos, the malware was most likely developed and launched by hackers working for "an advanced nation," which could be Russia.

The security experts added that the most vulnerable devices were manufactured by Linksys, Mikrotik, Netgear, QNAP and TP-Link.

On Twitter, many users were panicked by the news story. Some found it especially distressing as it came just one week after President Donald Trump eliminated the position of cybersecurity coordinator all together.

According to a report by CBS News, the position has been open since Rob Joyce resigned last month. At the time, White House Press Seceretary Sarah Huckabee Sanders said that Joyce would "stay on as needed to provide continuity and facilitate the transition with his replacement."

0comments