Reboot Your Home Router!

Posted in Announcements

VPNFilter Malware Detected in Network Routers

Reboot Your Router Now!  

Summary: The FBI has issued a new, urgent warning in the United States to those who use internet routers in their homes or small businesses.   Georgetown University’s networks are not affected. The recommended action will help to thwart a cyber security risk in homes throughout the country.  UIS is informing our community and recommends users take action, as recommended by the FBI, to resolve known problems with home network systems.

Cybersecurity researchers have identified that foreign cyber actors have compromised hundreds of thousands home and office routers, and other networked devices worldwide. Routers are the network devices provided by your Internet Service Provider (e.g. Verizon, Comcast, AT&T, etc.)  to connect your devices to the Internet.

Affected Devices:  According to a Department of Justice report, the security threat known as VPNFilter is “able to render small office and home office routers inoperable.  The malware can potentially also collect information passing through the router”. There is no easy way to tell if your router has been compromised. Models from popular manufacturers like Linksys, Mikrotik, Netgear, QNAP and TP-Link may be affected.  

What You Need To Do? The FBI recommends any owner of office or home routers reboot their devices. To reboot, simply switch off your router, then turn it back on. When you reboot your router it interrupts their system, essentially destroying the part of the malware that allows the spyware to operate.

Some security experts advise that a factory-reset is the only sure-fire way to purge VPNFilter from a router. Once that is done, you will need to reconfigure all your network settings. Check your model’s instruction manual for help with both steps.  Linksys also recommends changing the default password.

Here are links to well-known router manufacturers. Please check with your brand for specific instructions.

Netgear

MikroTik

QNAP

TP-Link

Additional information: https://krebsonsecurity.com/category/latest-warnings/

Is Georgetown Affected? Georgetown University Information Services (UIS) does not use this family of network devices for data traffic.  Since network routers are prohibited for use in dorm rooms and departmental offices, there should be no threat of the malware intrusion. However, if you have installed, or are aware of a network router in your area, please contact the help desk for assistance with powering it down and connecting to the University wireless network safely and securely.

Contact: help@georgetown.edu or 202-687-4949 or toll-free 1-855-687-4949