New Cyberattack Targets Home and Small Business Routers and NAS Devices

Computer screen showing danger from soho malwareThe FBI is urging people with SOHO (small office, home office) routers and some Network Attached Storage (NAS) devices to reboot by power-cycling the device immediately because of a new security threat in the form of what’s called a BOTNET that targets these devices. This BOTNET, named “VPNfilter” is multi-stage malware that can result in loss of information up to destroying these models. This cyberattack is thought to be state-sponsored. The routers include brands and models that are typically found at Best Buy, Walmart, or purchased from Amazon such as Linksys and Netgear. The NAS devices specifically mentioned include those manufactured by QNAP but as a precaution this should apply to any SOHO NAS devices. Rebooting will neutralize part of the threat as the second stage of the malicious code will not survive the reboot process (the first part will survive rebooting). However, there are a few other recommendations consumers should take that include:

  • Disable the remote management features of the router or NAS
  • Change the login credentials (username and password) and make sure they are secure
  • Be sure to update to the manufacturer’s latest firmware.

Have questions or need assistance with this serious security threat? Give us a shout and let us make it easy for you!

 

Sources:

FBI
https://www.ic3.gov/media/2018/180525.aspx

 

United States Justice Department
https://www.justice.gov/opa/pr/justice-department-announces-actions-disrupt-advanced-persistent-threat-28-botnet-infected

Department of Homeland Security
https://www.us-cert.gov/ncas/alerts/TA18-145A