Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT
Tuesday, 29 May 2018 / Published in Woo on Tech

Why is the FBI asking me to reboot my router?

Unfortunately for the information security industry, a lot of other news was breaking this past Memorial Day weekend, so it’s entirely possible that you missed a PSA, tweet or even email from the Federal Bureau of Investigation asking you, citizen, to please reboot your SOHO (Small Office/Home Office) router, and to also disable remote management (if enabled) on the device. Apparently, up to half a million routers from  Linksys, MikroTik, NetGear TP-Link and network attached storage (NAS) devices from QNAP are impacted by this malware threat, which has spread to 54 countries around the world. Initial analysis pins the blame on the same Advanced Persistent Threat (APT) group APT28 or “Fancy Bear” – the same group accused of perpetrating the attacks on the Democratic National Committee in 2016.

What this means for you

If you happen to be one of our managed firewall clients, you are not impacted by this version of VPNFilter malware. However, if you happen to be powered by one of these listed devices, you should contact us immediately to discuss short and long term security implications:

Linksys Devices:

  • E1200
  • E2500
  • WRVS4400N

Mikrotik RouterOS Versions for Cloud Core Routers:

  • 1016
  • 1036
  • 1072

Netgear Devices:

  • DGN2200
  • R6400
  • R7000
  • R8000
  • WNR1000
  • WNR2000

QNAP Devices:

  • TS251
  • TS439 Pro

TP-Link Devices:

  • R600VPN

Researchers are still trying to determine exactly what this attack platform is meant to do,  but they have confirmed that it can collect confidential information (such as website logins) and has a self-destruct code that can literally render affected devices inoperable, possibly permanently.

In the short term, rebooting the router will eliminate a part of the threat, but if the device is compromised, the only way to remove the rest of the malware is to completely factory reset the device (or replace it), which means you will have to reprogram it to get connected back to the internet. If you’ve not done this before (and even if you have), this may not be straightforward and can be very disruptive to your operations. Most professional environments, especially offices with servers, may have configurations that are modified from the “vanilla” settings provided by a factory reset, and unless you have a backup or written documentation, may be difficult to reproduce quickly or without a lot of trial and error. Make sure you consult with a technology professional before pushing the factory reset button on your device.

Image courtesy of Nat_Stocker at FreeDigitalPhotos.net

  • Tweet

What you can read next

Yahoo logo
Yahoo Mail back in the news
Europe leads the charge against misinformation
ID-100144458.jpg
Number of android ransomware infections growing rapidly

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • half open laptop

    Technology Transparency: Why We Don’t Hide Our Markups

    Go look up Microsoft 365 Business Basic on Micr...
  • mid year check-in

    Mid-Year IT Health Check: 10 Things Professional Services Firms Should Review Now

    Most firms set their technology priorities in J...
  • Cloud Migration for Professional Services: When It Makes Sense

    Cloud Migration for Professional Services: When It Makes Sense (And When It Doesn’t)

    Every vendor in the technology industry will te...
  • mid age man working on laptop while floating in the sea summer vacation

    Summer Vacation Security Checklist for Professional Services Firms

    Summer is the one time of year when professiona...
  • The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    I have had this conversation more times than I ...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP