As increasing cyber attacks on national security make networks more vulnerable, the Feds are asking Internet users to restart their routers to throw off aggressive, damaging hacking efforts.
While the General Data Protection Regulation (GDPR) in the European Union aims to strengthen privacy laws for online users, the U.S. federal government has issued a recommendation that owners of small office and home office routers reboot their devices to erase any possible infection from malware they call VPNFilter.
An investigation conducted by researchers from Cisco’s Talos Intelligence Group, along with “public-and-private-sector threat intelligence partners” including the FBI, revealed that hackers targeted millions of Linksys, MikroTik, Netgear and TP-Link routers. Their findings show at least 500,000 devices in 54 countries have been infected by malware that compromises routers and network storage devices. In turn, vulnerable networks give hackers the ability to steal personal information and carry out cyber attacks, according to the agencies.
As reported by the Washington Post, simply unplugging your router disrupts the multi-stage, modular malware platform, which is set up to carry out hacks that occur in three stages. The reboot seems to be most effective at stage 1.
A statement by the Department of Justice said that the collective of hackers known as the “Sofacy Group,” with names such as “pawn storm” and “sand worm,” has been targeting “government, military, security organizations, and other targets of perceived intelligence value” since 2007. To thwart attempts, the FBI obtained court orders to enter a domain. Eventually, they took over a part of a network infrastructure connected to the malware.
In a blog, Talos revealed that they have not completed their study, but so far they have found that the VPNFilter malware caused serious alarm similar to a destructive software that damaged Ukraine’s infrastructure in 2017. The malware known as BlackEnergy crashed the country’s power grid.
In Ukraine, malware switched off power stations remotely, which knocked out one-fifth of the power capabilities of the country. The cause for alarm is that it occurred right under the nose of the country’s cyber security and had the potential to do much more damage, such as shutting down critical parts of Ukraine’s entire infrastructure that rely on electricity and online networks to operate.
The reboot initiative leads to a larger concern: nation-state battles in the virtual world. According to researchers and intelligence, this more sophisticated form of warfare causes extensive damage.
“This is going to be the new battlefield, an unseen invisible battlefield where teams of hackers from various nations will duel,” remarked Max Boot, a Russian-born columnist, military historian and author of Invisible Battles in an interview with National Geographic. “It can take days or weeks to get [the power grids] running” if they are shut down by hackers.
“Cyber warfare is probably the greatest challenge that we have as far as our nation’s national security is concerned,” said Senator (D-Az) John McCain, Chairman of the Senate Armed Services Committee, in an interview with National Geographic. He continued, “When you see the potential of what a successful cyber attack can achieve, it can make you concerned.”
UK and US officials say that the current VPNFilter malware points to Russian hackers. In 2010, James Andrew Lewis, a senior vice president at the Center for Strategic and International Studies, sat down with Al Jazeera and said that China and Russia housed some of the best hacking groups and provided sanctuaries for cyber criminals.
However, Ron Deibert’s research says that the origin of cyber attacks can still be inconclusive. “This could be individuals, criminal organizations, it could either be another country staging the attacks as if they are coming from China,” said Deibert, the Director of The Citizen Lab, Munk School of Global Affairs at the University of Toronto.
The future for soldiers just might change in the coming years. Instead of the traditional battlefields, war will take place behind a desktop.
Along with rebooting your router, Krebs on Security, a cyber security news and investigation blog, advises users to change the factory-default password, encrypt their connection, and remove any remote administration capabilities.