Turn on Turn off
Russian hackers are infecting hundreds of thousands of routers, and the FBI says you're at risk
The FBI wanted you to spend some time over Memorial Day weekend rebooting your internet router — just turning it off, waiting a few minutes, and turning it back on — or, better yet, updating its firmware to help thwart a sophisticated malware attack traced back to Russia's Sofacy Group, also known as Fancy Bear or APT28, believed to be controlled by Russian military intelligence. But it's not too late to do it now. The malware, dubbed VPNFilter, allows outside hackers to monitor or block web traffic, steal your data, and even permanently disable the router, the FBI says. The cyberattack was discovered by Cisco's Talos division, which said at least 500,000 routers in 54 countries have been infected.
Rebooting, which temporarily disrupts the malware, is easy, but updating your firmware is "a big ask on the part of the government," Hiawatha Bray writes at The Boston Globe. "While routers are as commonplace as PCs, hardly anybody knows how they work, or how to update their software. Most of us don't even protect them with passwords, much less know how to log onto a router to download and install software updates. I can't remember the last time I did, and I enjoy that kind of thing." He suggests looking up the default password on your router using its model and serial number, then logging on and installing a patch you update from the company's website. ("Easy enough, right?") The affected routers are made by companies including Linksys, MikroTik, Netgear, and TP-Link.