Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT
Tuesday, 29 May 2018 / Published in Woo on Tech

Why is the FBI asking me to reboot my router?

Unfortunately for the information security industry, a lot of other news was breaking this past Memorial Day weekend, so it’s entirely possible that you missed a PSA, tweet or even email from the Federal Bureau of Investigation asking you, citizen, to please reboot your SOHO (Small Office/Home Office) router, and to also disable remote management (if enabled) on the device. Apparently, up to half a million routers from  Linksys, MikroTik, NetGear TP-Link and network attached storage (NAS) devices from QNAP are impacted by this malware threat, which has spread to 54 countries around the world. Initial analysis pins the blame on the same Advanced Persistent Threat (APT) group APT28 or “Fancy Bear” – the same group accused of perpetrating the attacks on the Democratic National Committee in 2016.

What this means for you

If you happen to be one of our managed firewall clients, you are not impacted by this version of VPNFilter malware. However, if you happen to be powered by one of these listed devices, you should contact us immediately to discuss short and long term security implications:

Linksys Devices:

  • E1200
  • E2500
  • WRVS4400N

Mikrotik RouterOS Versions for Cloud Core Routers:

  • 1016
  • 1036
  • 1072

Netgear Devices:

  • DGN2200
  • R6400
  • R7000
  • R8000
  • WNR1000
  • WNR2000

QNAP Devices:

  • TS251
  • TS439 Pro

TP-Link Devices:

  • R600VPN

Researchers are still trying to determine exactly what this attack platform is meant to do,  but they have confirmed that it can collect confidential information (such as website logins) and has a self-destruct code that can literally render affected devices inoperable, possibly permanently.

In the short term, rebooting the router will eliminate a part of the threat, but if the device is compromised, the only way to remove the rest of the malware is to completely factory reset the device (or replace it), which means you will have to reprogram it to get connected back to the internet. If you’ve not done this before (and even if you have), this may not be straightforward and can be very disruptive to your operations. Most professional environments, especially offices with servers, may have configurations that are modified from the “vanilla” settings provided by a factory reset, and unless you have a backup or written documentation, may be difficult to reproduce quickly or without a lot of trial and error. Make sure you consult with a technology professional before pushing the factory reset button on your device.

Image courtesy of Nat_Stocker at FreeDigitalPhotos.net

  • Tweet

What you can read next

ID-10094225.jpg
Recent Bank Website Attacks Were Sophisticated
Apple AirTags used to stalk women
Passwords are a Dead End
Passwords can no longer protect us

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • The invisible algorithm bubble

    Most of you have known about this aspect of Int...
  • Security is about to get even more complicated

    We’ve discussed in previous blogs how tec...
  • RIP Skype

    Two years ago, in 2023, Microsoft announced tha...
  • Make a list, check it twice!

    Get ready to show your work

    I’m sure it’s still a thing for stu...
  • Windows 10 Countdown

    As of now, Microsoft seems to be holding fast t...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP