Russian Malware and Protecting Your Business - Core Networks

Telcom and Cyber Security Blog

Russian Malware and Protecting Your Business

Jun 25, 2018 | Cyber Security

Hello Internet! We’re reopening our blog, and we figured a good place to start would be a discussion of a current event. In this post we’ll be discussing why the FBI has asked people to reboot their routers. The reason? A bit of Russian malware called VPNFilter.

Russian Hackers

A bit of info on this malware. At full strength, VPNFilter is a type of malware that performs “man-in-the-middle” attack, allowing hackers to digitally eavesdrop on infected devices. They can see the information flowing through that device, intercept it, and modify it. Since routers provide WiFi Internet, consider how much information flows through them: emails, passwords, account numbers, etc. To add insult to injury, the malware also enables the hackers to “brick” the device, meaning destroy it and render it useful only as an expensive paperweight/brick.

Before you panic, VPNFilter is a module malware. This means it comes in parts and is not downloaded all at once. The first stage of the malware is somewhat simplistic and doesn’t have all the scary features of the fully-assembled version. All Stage 1 of VPNFilter does is prop open a backdoor on your device.  This backdoor keeps it vulnerable to the hackers and allows the other stages of the malware to be downloaded later. If your device has Stage 2 or Stage 3 on it, rebooting your router will delete them. The part that IS scary is that rebooting your router – normally enough to wipe out malware completely – will only wipe out the more advanced stages of VPNFilter. Stage 1 will not be affected by a reboot, meaning the advanced stages can just be re-downloaded onto your router.

So what’s the point? Why is the FBI recommending that people reboot their routers if that won’t completely eliminate the malware? Because it’ll help them identify infected devices, and it’ll at least temporarily wipe out the advance stages, which is better than nothing. What people really need to do is reset their routers back to factory defaults, which would eradicate even Stage 1 of VPNFilter. The FBI isn’t recommending this solution because it would require people to reconfigure their routers, which can be difficult for some people to do.  If people don’t properly reconfigure their router it may leave them just as vulnerable to future attacks.

To use a figure of speech though, just rebooting your router is like closing the barn door after the horses have escaped. What you really need to do is beef up your safety measures to better prevent such things from happening in the first place. Here are some other steps you can take:

  • NEVER use the default username and password on an electronic device.
    • In most cases even a simple password created by you will offer better protection than the default password.
  • Have your devices download manufacturer updates on a regular basis.
  • Get an antivirus program and keep it up to date. Some antiviruses will detect and stop VPNFilter.

Learn more about malware here.

If you’re not tech-savvy, we can help! Get our CORE Complete Care plan and we’ll make sure your system – including antivirus – stays up to date for you!

It’s time we get serious about Cyber Security New Orleans

Trusted Business
corenets.com
This site has obtained the following certificates:
Reviews credibility
Certified

Customer reviews showcase the level and quality of service a website provides.

Trustindex collaborates with 131 review platforms to provide website visitors easy access to all real and verified reviews in one place.

Reviews from other platforms are displayed and added to the ratings only if they are proven spam-free and meet Trustindex's guidelines.

99% issue-free services
Certified

Trustindex continuously measures the satisfaction of your customers based on evaluations. Less than 1% of the customers surveyed indicated a problem.

Verified business
Certified

The website's contact information and business information has been independently verified by Trustindex.

Contact details
Phone:
+1 985-624-9970
Verified
E-mail:
Verified
Business data
Company name:
Core Networks | Managed Services & Cyber Security
Domain:
corenets.com
Company founded:
2002
Number of employees:
2-10
Start of Trustindex verification:
2024-04-29
Data protection
Certified

The website is constantly checked for security issues by Trustindex.

Safe Browsing: no problems detected
Blacklist
Not a Blacklisted Site
Valid SSL certificate
Spam
E-mail is spam-free
About Trustindex certificate

Websites that continuously maintain a high level of customer satisfaction and comply with a high level of security protocol can obtain a Trustindex certificate. When shopping, look for Trustindex certificates and buy with confidence.
More details »

For businesses
Build trust and increase sales with Trustindex certification.
More details »