ICT Critical Security Advisory
The Department of Homeland Security has issued a warning about malicious software, or malware, called VPNFilter which targets home-network routers and puts at risk information that flows through them. To protect your information and limit access to your computing technology, you can:
- Turn your router off and then back on to remove critical parts of the malware from your router.
- You should do this immediately and routinely.
- As an added security measure, you can also reset your router to factory defaults and reboot. Doing so will require setting up your router to work on your network. (Manufacturer contact information is typically found on the bottom of the router.)
- Regularly reset storage devices that are attached to your home networks to factory defaults then reboot.
- Ensure that default passwords are not being used on network equipment.
- Ensure that remote management is turned off on routers. Network device management interfaces—such as Telnet, SSH, Winbox, and HTTP—should be turned off for wide-area network (WAN) interfaces, and, when enabled, secured with strong passwords and encryption.
- Ensure all devices are up-to-date with the latest patch versions.
- If you notice any suspicious activity that might be related to VPNFilter, report it to your local FBI field office, which can be found at www.fbi.gov/contact-us/field, or to the FBI’s 24/7 Cyber Watch at 855-292-3937 / CyWatch@fbi.gov.