FBI urges router owners to update firmware after Russian GRU hack

Foreign hackers are looking to exploit vulnerabilities in American internet routers, and the FBI is offering tips for securing home and office routers after announcing the actions it has taken to take down a Russian hacking unit.
Last week, the FBI and the Department of Justice announced that they had conducted a court-ordered operation to take down the US portion of a network of small office/home office (SOHO) routers that was compromised by a unit within the Main Intelligence Directorate of the General Staff (GRU), Military Unit 26165.
The GRU used the routers to conduct Domain Name System (DNS) hijacking operations against global targets of Russian government intelligence interest, including individuals in the military, government, and critical infrastructure sectors. The unit used a known vulnerability to steal credentials from thousands of TP-Link routers, then manipulated the settings of those routers to direct requests to servers controlled by the GRU.
“The FBI decided that Russian GRU cyber players have compromised vulnerable routers in the US and around the world, hijacking them for espionage,” Brett Leatherman, assistant director of the FBI’s Cyber Division, told FOX Business. “Given the magnitude of this threat, the FBI has conducted court-ordered operations to disrupt the GRU’s access to compromised machines inside the US.”
The operation involved gathering evidence from compromised routers, resetting their DNS settings so that they are no longer directed to the GRU’s DNS resolvers, and preventing Russia from using its existing access methods.
The government said in court documents that it extensively tested the functionality of the firmware and hardware of the affected TP-Link routers and that, other than blocking the GRU’s access, the operation did not affect the normal operation of the routers or collect content information of legitimate users.
Leatherman said, “In line with that effort, the FBI, NSA, and international partners from 15 countries have issued a Public Service Announcement with technical information and protection guidance. While rebooting your router can reduce some threats, it won’t address this one.”
The PSA encourages users of SOHO devices to replace end-of-life and end-of-support routers; upgrade to the latest available firmware; verify the authenticity of the DNS resolvers listed in the router settings; and update and apply security settings to prevent unwanted exposure of remote control systems.

Russian military hackers exploited routers in 23 states, prompting the FBI to take action.
Users are also encouraged to go to the official TP-Link website and review the relevant documentation at the download center to learn about proper configuration. Additionally, they should make sure their routers have been upgraded to the latest firmware and review end-of-life product lists to determine whether their routers should be replaced.
“We urge all small office/home office (SOHO) router owners to replace end-of-support devices, update to the latest firmware versions, change default usernames and passwords, disable remote control connections over the Internet, and stay alert for certificate alerts in web browsers and email clients,” Leatherman said.
“Take the corrective actions outlined in our PSA, because protecting our networks requires all of us,” he added.


