We are just coming off a long holiday weekend in the United States, which means that many Americans haven't heard the latest alert from US-CERT and other entities regarding the ongoing VPNFilter malware attack on small and home office routers. Here's Fleming Shi discussing the attack with Scott Budman of NBC Bay Area:
Brian Krebs has an excellent post on what devices are affected and how the malware works on his security blog here. He also has some information on how other technologies such as WPS can play into the vulnerabilities of these routers. If you are responsible for securing networked electronics, this is a must-read.
The best action to take is to power down your SOHO routers immediately, to interrupt the payload. Wait for about a minute and then power back up. Apply the latest patches if available and then make sure that none of your devices are using default credentials. Additionally, Netgear advises customers to turn off remote management on the router, and Linksys recommends factory resets on all infected routers.
The FBI has also seized part of the malware command-and-control infrastructure and is working with domestic and international partners to identify and expose the actors behind VPNFilter.
If you'd like to connect with Fleming Shi, SVP of Technology at Barracuda, you can find him on LinkedIn here.
If you need help restarting your router or you are concerned about a possible infection that you cannot clear, contact the tech support team for your device. You may also be able to download a PDF of the user manual by searching the manufacturer's website for the device model.
Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. Before joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for more than 15 years. She holds several technology and project management credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.
Connect with Christine on LinkedIn.