Published June, 2018
Malware that has infected a million routers. The recent discovery of a worldwide router based malware named VPNFilter shines light on how really vulnerable some network devices can be and how important it is to be diligent in maintaining security. VPNFilter malware, which is linked to the Russian government, manipulates internet traffic that passes through the router and can collect personal information, passwords and other sensitive information for fraudulent activities. It also can be used to commandeer the router to serve as a launching point for a broad range of internet attacks. Many of the routers already identified as susceptible for VPNFilter malware are well known popular routers that many users may have in their homes or home businesses.
It's very difficult to know for certain if your router is infected and experts looking at this malware suggest anyone who uses a model of router identified as a target and susceptible to VPNFilter assume they are infected. Steps, including an immediate reboot of the router, need to be completed without delay.
Router manufacturers notoriously produce later models to sell rather than
spending time and resources on upgrading firmware on older models. This can
present a security risk as new and more advanced malwares are developed that
prey on common models that are on the Internet. Unfortunately, without
constant administration and keeping aware of possible threats through news
sources, not a whole lot can be done. At the very least there are a handful
of settings that help limit known vulnerabilities and making sure to keep
firmware to its latest version, if a newer version even exists.
Some users find that certain open source firmwares like DD-WRT and Tomato,
among others, add a far greater layer of protection than anything else and
these firmwares enhance the router's performance and capabilities greatly.
Tomato allows users to monitor Internet traffic easily which can pick up on
any ongoing suspicious activity.
It's definitely too early to see how things are going to change with net neutrality coming to a possible end. In the very least some carriers are going to look at ways to increase earnings and we should all know what that can mean. So what should be done now, nothing. Just carry on and use the same tools, equipment and products that you would have yesterday.