The FBI Says Your Router Is Vulnerable to Russian Hackers. Here’s What to Do
What are you doing right now? Nothing? Good. Go find your router, that little flat black box that gives you wireless internet access, and reboot it to protect yourself from Russian hackers.
Yes, it's a pain, but yes, it's necessary, according to a slew of federal alerts that have come out over the past week. As the FBI explained in a public service announcement, "foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices," and your system could be affected.
This latest privacy issue comes from the ill-intentioned Sofacy Group, a team of cyberattackers. They developed malware that can collect data, block traffic and exploit vulnerabilities by infecting routers all over the world. The malware, called VPNFilter, "can render a device inoperable and has destructive functionality," the Department of Homeland Security said in its warning.
The Sofacy Group also goes by the name Fancy Bear, which you may recognize as the team thought to have hacked the Democratic National Committee and Hillary Clinton adviser John Podesta's emails in 2016. The members have spent about a decade attacking "government, military, security organizations and other targets of perceived intelligence value," according to a Justice Department news release. Investigators have said the hackers are linked to the Russian government.
The FBI just seized the domain the Sofacy Group was using in its scheme, starting to disrupt one stage of the infection process. And though the details of that are complicated, the solution is simple.
Here are four steps you should take right now:
Figure Out Whether You're Affected
Everybody should probably reboot their routers, but you should be especially concerned if you own a device from Linksys, MikroTik, Netgear or QNAP. Talos Intelligence determined that certain products from those brands are known to be affected by the malware.
Reboot Your Device
This is easy. Forbes reports you can simply go to the wall, unplug the router, wait a minute and plug it back in. This will temporarily stop the malware from working and aid the government probe. "Although devices will remain vulnerable to reinfection ... these efforts maximize opportunities to identify and remediate the infection worldwide in the time available before Sofacy actors learn of the vulnerability in their command-and-control infrastructure," the Justice Department said.
Change Your Password (And Make It Good)
If you choose to reset your router to factory settings — and you probably should — you'll need to create a new password. Follow best practices for strong passwords by making it hard to guess, mixing in numbers and letters, and including more than eight characters.
Secure Your Device
The FBI advises people to update their routers so they have the latest firmware, just as you would with your cell phone. It also recommends turning off remote management (if it's not automatically disabled). According to How-To Geek, you can do this by opening up the web interface for your router and adjusting the "remote administration" settings.