According to a recent advisory published by the Federal Bureau of Investigation, small business owners in the High Desert should reboot their routers to minimize their exposure to a new cyber threat.
What Businesses Are at Risk for Unsecure Data?
The routers affected by VPNFilter include those manufactured by popular brands such as NETGEAR and Linksys; they are mostly models used for residential and small business applications. The Cisco researchers have noticed the following malicious and destructive functions:
- VPNFilter opens a gateway to other malware infections and the potential of the router being conscripted into a botnet for denial of service attacks.
- VPNFilter monitors internet activity for the purpose of stealing important information such as username and password credentials.
- VPNFilter may lock up the router to cut off internet access. In most cases, this issue is solved by rebooting.
What is interesting about VPNFilter is that it connects to a command and control server where the botnet is hosted, and most of the malicious activity is concentrated in Ukraine. Since the nature of this attack seems to be focused on cyber warfare, it is believed that the Kremlin may have ordered an attack on Supervisory Control And Data Acquisition (SCADA) systems used to manage electrical power grids.
Secure Your Business Networks Against Cyberattacks
Just because VPNFilter appears to be developed by the Kremlin to disrupt life in Ukraine, High Desert business owners should not assume that they are impervious to this threat. In the past, the National Security Agency has detected instances of Russian cyber warfare launched against the United States on a trial basis; furthermore, VPNFilter can also be used by cybercrime groups who specialize in data breaches and identity theft.