FBI: Reboot your router to thwart foreign cyber malware

On May 25, 2018, the FBI issued a PSA alert that “foreign cyber actors” are targeting home and office routers and networked devices worldwide with malware. We are urged to reboot our routers:

Summary

The FBI recommends any owner of small office and home office routers power cycle (reboot) the devices. Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide. The actors used VPNFilter malware to target small office and home office routers. The malware is able to perform multiple functions, including possible information collection, device exploitation, and blocking network traffic.

Technical Details

The size and scope of the infrastructure impacted by VPNFilter malware is significant. The malware targets routers produced by several manufacturers and network-attached storage devices by at least one manufacturer. The initial infection vector for this malware is currently unknown.

Threat

VPNFilter is able to render small office and home office routers inoperable. The malware can potentially also collect information passing through the router. Detection and analysis of the malware’s network activity is complicated by its use of encryption and misattributable networks.

Defense

The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices. Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.

~Eowyn

18 responses to “FBI: Reboot your router to thwart foreign cyber malware”

  1. The FBI won’t state who or what is behind this “threat” except for “foreign cyber actors”? …what a very generic description… I trust none of these organizations.
    “Owners are advised to consider disabling remote management settings on devices”….yep, that and a bunch of other stuff is already disabled

    Liked by 5 people

  2. Too little, too late. As it turns out, I have to re-boot from 3 to 12 times a day. Not a CLUE why.

    Liked by 2 people

    • If you’re having to re-set that often, I’d recommend just getting a newer router… I think they die (probably helped by multiple power outs here each year) after so many years, and the technological & security bells & whistles on new ones keep getting better. Get a used/refurb and save a ton (my DLink dual-band “ac” router with gigabit wired was <$30 at MicroCenter). Newegg usually has good deals on refurbs.

      You might also check the manufacturer website for an upgraded firmware, or do a complete setup from factory default re-set… but in my experience, that only helps for so long if it’s “time to upgrade” anyway. Techier types than me advocate going with a third-party router firmware/software called Tomato, but I’m not ready to try that yet…

      Liked by 5 people

    • You are not the only one having to reboot…I do that two to three times each day. And I have no clue why, either. My computer has all the latest protections yet not the “recommended” upgrades.

      The computer is not my domain…it’s the kitchen. And I prefer it that way. 😊

      Guarantee you Gates has no clue how things work in a kitchen without “Alexa.”


  3. Thank you for sharing this, my computer has been acting off while I’m online lately, issues I’ve never had before. Was wondering if it was some kind of virus or malware/spyware.

    Liked by 3 people

  4. There are several good anti-malware & anti-virus products available for free that do a fair job of keeping your hardware safe. And use your head. Don’t go to risky sites or open unfamiliar emails or attachments. I don’t see how rebooting your router would help, but for other reasons you should do it once in a while anyway.

    Liked by 3 people

  5. Mine has been acting up, but only on the 2GHz guest band, which is the only one I keep visible (so neighbors can see it), because my new security camera, old TV, and printer require a visible WiFi connection. It’s still secure, encrypted, and requires a password… just “visible”. But seeing a router is the first step in hacking it. So I suspect it may have been.

    I saw the Rx to reboot on the news and here, so I did, and will see if that helps. I do power cycle it once every month or two when power outages fubar my device IPs (handed out haphazardly via DHCP). It does the job. But this time I went into the router webpage and rebooted it via software… Seems fine now.

    Liked by 3 people

  6. Bill Gates’ revenge…

    Liked by 2 people

  7. That’s downright ridiculous, turning the router off and then on again won’t remove anything nasty, and this is supposed to be the best advice the FBI could issue? Really?

    Are we sure they aren’t up to something, like installing malware instead? (Remember that the NSA compromised Cisco routers’ hardware with their own spy hardware before they even ended up at stores, and this was a few years back.) Or embedded something in the hardware that would activate on a re-boot? Even regular corporations in the past have issued free tools to repair things that were considered big problems, yet the FBI can only suggest turning the machine off and on again, like bad tech support who don’t speak much English?

    Suffice it to say, I suspect something else is afoot.

    Liked by 1 person

    • How would rebooting (turning off, then on) a router introduce malware?


      • Just in case I rebooted, I feel like booting the government because I DON’T BELIEVE ANYTHING specially [as in Comie]ing from the FBI, they might be concocting a new probe against Trumpsters.


      • Basically the power switch being turned off, and then on again as a command for hardware in the device to turn on, or possibly for software being pre-installed in the device, and then activated on a reboot (like when you install or uninstall a program on a computer, sometimes a reboot is required to “get it all” as some files might be modified at boot time.)

