ROUTER SECURITY UPDATE
06-10-18: Router Security Issue Update:
PC Magazine reported last week that, ”The Wi-Fi router-killing malware known as VPNFilter is more dangerous than previously thought. The malicious code can actually infect over 70 different device models, up from a mere dozen.” “Last month, Cisco warned the public about the malware, which contains a self-destruct function that can brick a device. The company estimates that at least 500,000 wireless and broadband routers across the globe have so far been infected”. See the full PC Magazine article here: https://www.pcmag.com/news/361655/vpnfilter-malware-sinks-its-teeth-into-more-routers?utm_source=email&utm_campaign=dailynews&utm_medium=title
As you know the FBI has issued a warning about this threat, and Security Expert Brian Krebs has issued a warning also. Krebs has recommended steps to protect your device and your home network. The best guess at this time is that the VPNFilter malware will continue to spread and will impact even more router models. If your particular device is not listed in the PC Magazine article don’t think that the threat does not apply to you. The fact is, at some time in the very near future, it likely will. So, you too need to implement the counter measures in the list below, and please understand that none of these changes can do any harm. It would be unwise to think that these Russians are done screwing around with our routers just yet.
Here are the counter measures that should be implemented ASAP in the following sequence:
1. Power off the router wait 60 seconds and power it back on.
2. Change the router’s Admin Password (an Ethernet cable must first be connected to the router and to a PC in order to change router settings).
3. Turn off Remote/Wireless administration.
4. Turn off the Wi-Fi Protected Setup (WPS) function.
5. Turn off Universal Plug & Play (UPnP) function.
6. Update router firmware if updates are available.
Most routers use absurd Admin passwords as their default passwords right from the factory; for example: “password” or “admin” are two very popular choices used by the manufacturers. Hence the reason for changing the password to a new and very strong password. Specific information about how to perform these functions can be obtained from the manufacturer of your device and/or the internet via a Google search. If you are not comfortable doing this work yourself, please seek professional help.
For those who use ONLY the router/gateway supplied by your Internet Service Provider (ISP); and have no other networking equipment installed. Please understand that these devices are very proprietary and require information available only from the provider in order to make the recommended modifications. This information is not readily available via a Google search. We suggest you contact CenturyLink or Comcast or Spectrum for internet tech support and ask for specific instructions or, depending on your hands-on skills, for a service call if these modifications can’t be made remotely.
It is our recommendation that it is in the best interests of all users, regardless of their ISP, to attach their own router to the device supplied by the ISP. In this manner the ISP’s device will be used as if it were nothing more than a modem, and complete control of the network in the house will be retained by the home owner, because only he/she is in control of the router. In addition. third party routers regularly provide features and options not generally associated with the equipment provided by an ISP. Many users have and may continue not to take this recommendation, and that is of course their prerogative.
An opinion. No one should still be using a “G” router!!! “N” router technology is now almost 10 years old and has been improved upon by the introduction in 2013 of “AC” routers. In late 2018 the next router generation, “AX” will be rolled out and should be shipping in quantity by mid-2019. My point is simply this – it is a good time for “N” routers to join their “G” brothers in the router cemetery. This is because newer devices are generally less vulnerable to attack. As the “AX” roll out gets closer, I suspect that “AC” router prices will start to drop. No guarantee of a price drop – this is just our best guess.
Lastly, we believe that these Russian criminals are not done yet, so stay tuned folks!
Peter Cronas & Bob Walton June 10, 2018