Earlier this month the FBI put out a call to all internet users: Reboot your router! Now, they’re asking consumers to do a little more, by updating router firmware and doing a full factory reset. 

The cries for action come after it was discovered that Russian hackers infected over half a million consumer routers with a malware known as VPNFilter, which performs a “man in the middle” attack on incoming web traffic. Experts are still trying to determine exactly what VPNFilter can do, but we know that it can modify the content delivered by websites, steal credentials and even issue a self-destruct command. 

Targeting home routers, which get information from the modem to a variety of connected devices helps hackers gain access to a plethora of devices. In the age of IoT and smartphones, a router is a necessary accessory for any home internet customer wishing to use more than a single device at a time.

According to Cisco, the attack was initially suspected to affect a relatively small collection of Linksys, Mikrotik, NetGear, Qnap and TP-Link devices, but recently it was discovered that Asus, D-Link, Huawei Ubiquiti, Upvel and ZTE devices are affected as well; along with a greater collection of model numbers from the brands originally discovered.

To infiltrate the routers, hackers took advantage of known exploits or default credentials that come pre-packaged with each device, making the attack simple to carry out.

On the Cisco Talos blog, a full list of affected routers is listed, along with more technical details behind the attack and its discovery. If your router is on the list, you are urged to do the following:

Upgrade Your Router’s Firmware

The process for updating a router’s firmware varies from model-to-model, so consult your owner’s manual. Current router firmware updates can be downloaded from your provider’s website, and the update process occurs within your router dashboard, which you will need a username and password to access. If you have never updated your router’s login information, oftentimes the default credentials are simply “admin” and “password.”

Factory Reset Your Router

 A full factory reset is not something that you can by simplify unplugging your router’s power cord (that’s just a simple reboot).

A factory reset brings your router back to its out-of-the-box form, which means you’ll have to set up your personal network from scratch. When you set up your network, remember the name and password you had previously used, because if you change the name of your network or your password you’ll be prompted to resubmit your credentials on every network device next time you log in. Your phone, computer, echo, iPad, printer, TV, security camera, refrigerator… the list goes on and on depending on how many devices you have attached to your network. That can present a major hassle.

By completing these two steps, you should have eradicated any trace of VPNFilter which may have infected your system and be safeguarded from future attacks.

Other Wi-Fi Router Security Best Practices

Be proactive about protecting the security of your Wi-Fi Network by:

Routinely Updating Your Firmware

Regularly check to see if firmware updates are available, and if they are, then download it.

Set a Unique Username & Password

Since router’s typically come out-of-the-box with incredibly weak passwords it’s very important to remember that these passwords were designed this way so that you can change them to your liking. If you haven’t already, change your router password to something uniquely you.

Replace Your Router Every Once in a Blue Moon

Just because your router still works, that doesn’t mean it’s still living the life it should. Your device will have reached the end of its life when the manufacturer stops supporting it with new firmware updates. Typically, a router has a shelf life of 3-5 years at which case, firmware updates are discontinued and the device becomes more susceptible to cyber-attacks.

Is Your Business Network Up to Par?

At ThrottleNet, we’re business IT security experts committed to ensuring your network is always protected from any cyber security concern that can pose a threat to your infrastructure. Learn more about our IT consulting capabilities, Managed Network plans and contact us today to get started.