Turn your router off, wait a few seconds and then turn it back on!
That's what the Federal Government agencies are warning Americans to do to take steps to protect themselves against malware linked to Russian hackers. On Wednesday, May 23, Cisco (one of the largest manufactures of network equipment blogged “New VPNFilter malware targets at least 500K networking devices worldwide”
Although Cisco devices have not been observed to be vulnerable, the FBI recommended rebooting all Small Office/Home Office routers. The bureau called the possible size and scope of the infiltration “significant,” yet the actual infection is “unknown.”
Without going into a lot of technical detail, the malware has 3 stages to it and rebooting routers will basically disrupt stages 2 and 3. Rebooting means, unplugging the power to your router, wait a few seconds and then restore the power.
However to prevent reinfection, routers need to be reset to their default settings and have their firmware updated. NOW, before you start panicking about “How the heck do I do that?” here is a bit of good news.
Symantec published a list* of vulnerable devices
- Linksys E1200
- Linksys E2500
- Linksys WRVS4400N
- Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
- Netgear DGN2200
- Netgear R6400
- Netgear R7000
- Netgear R8000
- Netgear WNR1000
- Netgear WNR2000
- QNAP TS251
- QNAP TS439 Pro
- Other QNAP NAS devices running QTS software
- TP-Link R600VPN