Published: Tue, May 29, 2018
Business | By Pearl Harrison

Reboot your routers to prevent Russian hacking

Reboot your routers to prevent Russian hacking

It is not uncommon that you might need to reboot your router because of some error or bug, but it's not often that you need to reboot it in the name of national security. The alert also added that updating firmware on network devices should help.

Anyone with a small office or home office router should power cycle, or reboot their routers to disrupt the malware.

The FBI believes hackers are blocking web traffic and collecting information that passes through these routers.

Sofacy, also known as APT28 and Fancy Bear, has been blamed for numerous most dramatic Russian hacks, including that of the Democratic National Committee during the 2016 USA presidential campaign. Talos, the threat intelligence agency for Cisco, estimated that 500,000 devices in 54 countries have been infected.

They say Russian hackers have compromised hundreds of thousands of private home devices in an effort to get into networks and see data.

"Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide", the Federal Bureau of Investigation wrote in a public service advisory this past week.

It could also give hackers access to personal information or even disable the router.

As we noted last Thursday, a reboot only removes part of the infection: the infected device will still try to contact command and control servers.

Specifically targeted in the attack are are Linksys, MikoTik, NETGEAR and TP-Link routers and QNAP network-attached storage devised. Those who are using remote management settings on mobile devices are advised to disable them.

Like this: