The FBI recently issued a warning to everyone who has a router to reboot it in order to inhibit the spread of malware that is part of cyber-attack by the Russian government. While details of the damage that this program can do remains sketchy, and it’s still unclear as to how rebooting the router can help, the alert is being dutifully passed-on via tech sites and news outlets. Consequently, millions of users are following this simple instruction out of an abundance of caution. However, a significant number of users are also hesitant to heed this advice because they don’t trust what the FBI is saying.
Apparently, this malware strikes in three phases. The first is a seed phase which embeds software into the program. Somehow, phase two and three interact with the software and then cause a wide range of problems and threats. The malware can disrupt internet service. It can monitor all of the traffic in and out of the network. It can harvest all kinds of personal data and passwords. It can also be controlled from a remote location. It has the potential to wreak havoc.
The FBI has warned that more than 500,000 routers could have been infected, and that number can easily double in the days and weeks ahead. However, the agency also suggested that simply rebooting routers can disrupt the spread of the bug while incapacitating much of its functionality at the same time. The reboot is thought to interfere with how phase two and three communicate with phase one. While the program remains on the router, it can be isolated and essentially neutralized, at least in theory, until security updates from manufacturers are rolled out.
Makes sense, right? Not so fast.
The Feds also mention that rebooting the router will help to identify infected ones. That’s all they said. No specifics, no information about how routers are identified, no talk about how this process interferes with the malware. We can say with a good degree of confidence that some kind of information is transmitted, scraped or perhaps some software code gets embedded. Consequently, it is possible, at least in theory, that the reboot could activate some kind of tracking or surveillance bug that could be used by the government to monitor our internet activity.
While this is doubtful, and security experts would have probably alerted us to this threat if it were the case, the FBI has been under fire lately for their involvement in a lot of unscrupulous activities, all while public trust in the agency is at an all-time-low. Consequently, a warning such as this, that contains very little information, could easily raise the eyebrows of skeptics. Unfortunately, skeptics not represent a pretty sizable portion of the population, and now we’re faced with an even greater threat as a result.
If people don’t reboot their routers, then they may be exposed to a limitless array of security threats. On the other hand, rebooting the routers may give the government direct access to what we do online. The other option is to replace the router with a new one and start fresh. However, there’s no telling whether or not that router can be attacked in the future as well.
One thing’s for certain: Attacks on routers are going to increase because there are so many security flaws to exploit. Unfortunately, the response thus far has been more reactive than proactive, and this only increases our vulnerability. However, there are a couple of basic things that we can do to give ourselves some extra layers of protection.
First, frequently-change your network password, and also change the password that you use to login to your router control panel. Next, disable remote access, which is a key tool that hackers use to gain control over your router. Finally, make sure that you download the latest update of your router’s firmware, and periodically check for updates as well. This will help to ensure that you have the latest security software installed.
What do you think of this latest router scare? Is it legit or a ploy by the government to gain access to our Internet use and personal data? Do you think that we’ve come to the point where we can’t even trust the FBI? No matter what your opinion is, these are important things to be thinking and talking about as we become more-vulnerable to cyber-attacks.