As Americans were coming back from a long Memorial Day weekend 2018, an unusual FBI request for cybersecurity help was going mainstream.
My wife read it to me, from someone's Facebook post, while we were driving across the Oregon Cascades.
The request is unusual based on its scope and the target audience—anyone with a router.
"The FBI recommends any owner of small office and home office routers power cycle (reboot) the devices. Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide. The actors used VPNFilter malware to target small office and home office routers."
VPNFilter malware can apparently track and collect information you send through an infected router and also is able to act as a built-in kill switch. If hackers activated a sweeping attack at one time, it could knock hundreds of thousands of us off the internet at any one time.
And not just individuals, of course, but businesses, agencies, and government offices that use these types of routers, as well.
Cisco Talos researchers say more than half a million routers around the world are infected with VPNFilter malware right now, and the number of infections are growing.
Why do I need to reboot my router?
Why is the FBI asking you to reboot your router?
Researchers found that powering down and unplugging your home router for about a minute can, in some cases, disrupt or effectively break the malware so it cannot continue with a cyber attack that takes control of your router.
The malware is believed to be the work of "Fancy Bear," according to the FBI. That is the same hacking group that is to blame for the DNC hack during the 2016 presidential election.
As we detailed in a report last week, the router attack has several stages to it.
In addition to potentially disrupting this attack, you can increase your router security by changing some settings if you have a few minutes. Security expert Brian Krebs has a nice post today that walks you through making your router more secure.
Crowdsourcing a solution to cybersecurity
Just a couple of weeks ago, we saw the Secretary of Homeland Security speak at the RSA Conference. Kirstjen Nielsen talked about the 5 Cyber Challenges Homeland Security is Making and a Warning for DIgital Foes. One of the points she made about cybersecurity was that the solutions would have to be crowdsourced.
"Hyperconnectivity means my risk is now your risk, your risk is now my risk. We have a weakest link problem," she says. "Collective defense is the key to long-term strategy. We must crowdsource to warn of attacks and crowdsource the proper response."
If this is a lasting cybersecurity paradigm, then this recent FBI request to reboot your router may be the first of many responses to cybercrime in which agencies crowdsource a potential response.
