Home and small business network/routing devices face new risk

Posted by David Pollino
Security

The FBI is warning of a new threat to small office and home office (SOHO) network devices and network-attached storage (NAS) devices. Cybercriminals have compromised tens of thousands of SOHO devices, including home routers.

A type of malware called VPNFilter is causing the damage. Once cybercriminals have gained access to one of these network devices through VPNFilter, they are able to view, modify, and steal data. Reports also suggest criminals have the ability to disable or destroy compromised devices.

What may be affected?

Some common home and small office routing devices affected include:

  • Linksys E1200, E2500, WRVS4400N
  • Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200, R6400, R7000, R8000, WNR1000 & WNR2000
  • QNAP TS251, TS439 Pro
  • TP-Link R600VPN

The threat may also affect the function of IoT devices (e.g., home security systems, thermostats) that are connected to SOHO devices.

Recommended actions

There is currently no easy way to determine if a router has been infected.

If you own one of these devices, you should conduct a factory reset, which typically involves holding down a button in the back for five to 10 seconds. Additionally, the FBI recommends that all SOHO router owners reboot their devices to temporarily disrupt the malware.

Owners should change default passwords on devices and ensure those devices have the most up-to-date software versions, and where applicable disable remote administration. As always, follow any guidelines that are provided by your device’s manufacturer.

You may find more details by clicking on the links below:
