FBI Kansas City tweeted Tuesday a warning of small office and home office routers: reboot them to fend off foreign cyber actors.
The Kansas City branch linked to a Friday press release from the FBI that announced "hundreds of thousands" of home and office routers had been compromised by malware.
The cyber infiltration, which The New York Times reported is believed to have come under the direction of Russia's military intelligence agency, affected an estimated 500,000 devices.
The malware can collection information and block access to the internet, the FBI said.
The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices," the FBI said in the release. "Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware."
Isaac Elliott, a senior security engineer for Alias Forensics, an IT security and digital forensics company with a satellite office in Kansas City, recommended not just a reboot but a hard reset of devices.
A hard reset can be performed by finding your router's "reset" or "reset factory settings" button. You may need to push the button for 10 seconds.
Elliott said only those who have unsaved work at the time of the reset will lose data. Most people will not lose anything.
The malware can slow down internet surfing and transform your device into a unit of a "bot army," Elliott said. In the past, such bot armies have been used for a denial-of-service attack, where the units together flood a targeted website, such as those of banks or organizations, with the aim of shutting down their servers.
The "army" can be directed by a central point of command.
The Justice Department seized a web domain thought to be integral to the malware's command infrastructure, The Times reported. New attempts to reinfect compromised routers will direct those devices' IP addresses to the FBI.
Elliott said he was not surprised by this latest cyber infiltration, saying such efforts are becoming more commonplace.
"There's been a lot of back and forth between countries," he said. "If we hear about it, great. A lot of times we don't until it affects everyone."
