In this week's Technology Today, we are bringing you an ALERT from US-CERT (United States Computer Emergency Readiness Team)! Cyber actors are targeting small office/home routers (SOHO), network devices and network-attached storage devices (NAS)!
WHAT'S THE DEAL?
US-CERT announced, cybersecurity researchers unveiled that cyber actors have affected 100,000+ home and office routers, as well as other network devices, using VPNFilter malware.
HOW DOES VPNFILTER MALWARE WORK?
'It uses a modular functionality to collect intelligence , exploit local area network (LAN) devices, and block actor-configurable network traffic. Specific characteristics of VPNFilter have only been observed in the BlackEnergy malware, specifically BlackEnergy versions 2 and 3.' - US-CERT
HOW COULD THIS IMPACT YOU AND YOUR COMPANY?
- Temporary or permanent loss of sensitive data and/or proprietary data
- Interference with day-to-day operations
- Harm to a company's reputation
- Financial losses incurred to restore files, if a Backup & Disaster Recovery System is not in place
WHAT SHOULD YOU DO?
According to the Department of Homeland Security and the FBI, you should power off and reboot any and all routers and network devices. Use your in-house or outsourced IT team to assist. Additionally, report potential criminal activity to the FBI.
FBI Field Office Agents - https://www.fbi.gov/contact-us/field-offices
CyWatch, FBI's Cyber Watch Division - 855-292-3937 / CyWatch@fbi.gov
When submitting reports, kindly provide as much information as possible.
Items that should be included -
- Type of Activity
- Number of People
- Type of Equipment
- Point of Contact
- Name of Company Submitting
Did you find this blog informative? Were you affected? Do you have a subject you would like for us to cover next? Sound off below and be sure to subscribe to our emails!
Until next time, Techies!