Protect Against VPNFilter Malware with a Router Reboot

Threats to our security, particularly our online security, happen every day. Just ask Chipotle, Dairy Queen, Lowe’s, Sony, Experian, or any of the host of corporations that have taken a data breach on the chin in the last several months. A new threat dubbed VPNFilter, which the FBI itself sent warning on, has emerged to challenge our security even at home.

  • Steps to Take to Protect Your Home Network Against VPNFilter

    Determine your router’s vulnerability. 

    Several breeds of router have already been identified as vulnerable to VPNFilter. However, even if your individual breed doesn’t appear on the current list, your router may still be at risk. If you have any of the following routers, be particularly vigilant.

    • TP-Link: R600VPN
    • QNAP: TS251, S439 Pro. Also included are QNAP NAS devices that run QTS software.
    • Linksys: E1200, E2500, WRVS4400N
    • Netgear: DGN2200, R6400, R7000, R8000, WNR1000, WNR2000
    • Mikrotik: 1016, 1036, 1072

    Reset the device.

    Resetting, or restoring to factory settings, will be a big help here. While your custom settings will be lost and need to be reset, it will help negate the malware’s impact.

    Reboot the device.

    While the reset will likely come with a reboot, a pure reboot will help further. Even just rebooting the device will disrupt the malware’s operations and allow identification of devices that have been individually infected.

    Reset ID and password.

    Custom log-in data will be removed with the reset, so that will need re-establishing. It also helps make the old information moot and useless.

    Change the default information.

    Take the opportunity to reset the defaults, and use strong passwords here where possible. Consider the use of a password generated automatically by a password manager tool.

    Apply any outstanding firmware updates. 

    This should be done routinely anyway, but if it hasn’t been done, do so now. Sometimes the service provider is responsible for this.

    Disable remote administration. 

    Cutting off remote administration allows for better system protection by cutting off one potential point of access.

    How to Prepare for Tomorrow’s VPNFilter

    You may have been able to protect against VPNFilter today at home, but what about threats to your business’s network? When you want to protect your business systems not just against today’s threats, but also tomorrow’s, get in touch with us at BlackPoint IT Services. We’ve got a complete range of network security services, as well as managed IT and disaster recovery options. When you want to protect against what gets past the FBI, just drop us a line.

Contact BlackPoint IT