By Arielle Mullen

Last week the FBI released a statement urging owners of small/home office routers to reboot their devices. VPNFilter malware, designed for information collection, device exploitation, and network traffic blocking, was discovered to have compromised hundreds of thousands of home and office routers worldwide. Researchers with Cisco identified the issue, and assisted the FBI in disseminating instructions on reboot/update firmware, even though their devices were not part of the confirmed target group. On the subject, Cisco reported

"Both the scale and the capability of this operation are concerning. Working with our partners we estimate the number of infected devices to be at least 500,000 in at least 54 countries. The known devices affected by VPNFilter are Linksys, MikroTik, NETGEAR, and TP-Link networking equipment in the small and home office space, as well as at QNAP network-attached storage (NAS) devices... The behavior of this malware on networking equipment is particularly concerning, as components of the VPNFilter malware allows for theft of website credentials and monitoring of Modbus SCADA protocols. Lastly, the malware has a destructive capability that can render an infected device unusable, which can be triggered on individual victim machines or en masse, and has the potential of cutting off the internet access for hundreds of thousands of victims worldwide."

KrebsOnSecurity offers thorough advice on how to secure your devices, and we're pleased to report that because we install business-grade firewalls (like Cisco/Cisco Meraki), our clients should not be impacted by the VPNFilter malware. If you have any questions, please get in touch with your M&I consultant today!

Recommended for you…