A look at the dangers that routers face from malware like VPNFilter - and their implications on your home network security.
Your router is your home’s gateway to the internet and all of the great information available. Unfortunately, that also means that it’s the most vulnerable point in your home network security – one that is increasingly targeted by malicious actors.
From the perspective of a malicious actor, this makes perfect sense. Compromised routers act as great conduits through which to spread malware and other network attacks.
These attacks can spread quickly. A recent report from Cisco outlined that an advanced piece of malware called VPNFilter had infected at least 500,000 routers in both homes and small businesses.
VPN filter is an advanced piece of malware that serves two main purposes: intelligence-collection and destructive cyber-attack operations. It can do the following:
Persist through a reboot
Modifying non-volatile configuration memory (NVRAM)
Enable additional malware downloads
Install a virtual “kill switch” or self-destruct ability
It would be one thing to hijack a single network, but VPNFilter is also designed to link together all of the infected routers so that they could work together to hide the origins of a malicious attack.
VPNFilter is just one of the latest router attacks. In April 2018, up to 400,000 broadband subscribers in the United Kingdom were reported to be at risk thanks to vulnerabilities in the routers supplied by their broadband provider.
Why are so many routers vulnerable? One of the main culprits is their firmware – which is often outdated. Even when updates do arrive, users aren’t guaranteed to install them!
In addition, hardware manufacturers may not always feel a sense of urgency about updating their hardware or have the ability to do it. If you remember, we once reported a security flaw and then were told that there’s no way to fix it!
You still do have a few options to try to help keep your router safe from malware like VPNFilter.
Unplug your router
Reset your router password, especially if you are using the manufacturer default
Install any available firmware updates
Unfortunately, should these countermeasures fail, and your router becomes infected, the best recourse would be to replace it.