New Malware Attacks Routers: What Churches Should Do
New Malware Attacks Routers: What Churches Should Do
Is your church at risk?
PAGE 1 of 2Single Page

The FBI recently made a formal PSA about a piece of malware called VPNFilter that is infecting routers used in homes and small businesses at an alarming rate. The difference in this strain versus others is that no one is quite sure what the impact will be, since it is a very sophisticated piece of malicious software.

What VPNFilter malware does

The malware uses default credentials to infect routers, meaning that it can be avoided by changing passwords and other security on devices. It "sniffs" network data where an infected device is physically located, gathering the passwords, usernames, and other credentials on that network. This can include supervisory control and data. And VPNFilter malware can serve as a relay point to hide the origin of incoming attacks that later use that information.

This software installs itself in three stages, and the impact of the third stage is not well known. The FBI has advised that everyone should reboot their routers, under the belief that this will mitigate the malware and prevent the third stage from executing in the future. However, this is not entirely correct in a technical sense.

Security engineers at Cisco Talos and Symantec recommend that people and organizations who own affected devices do a factory reset. This will remove the malware, but it also restores the router to all original settings. Because of the design of the malware to operate secretly in stages, it is difficult to tell if a router has been infected. So if your church's router is listed below, you will want to have your internal IT resource or contracted IT provider perform a factory reset and reconfiguration of the router.

Steps churches should take

Protect your church's router by taking the following steps.

1. Check to see if you are using any of the following routers:
  • ASUS: RT-AC66U, RT-N10, RT-N10E, RT-N10U, RT-N56U, RT-N66U
  • D-Link: DES-1210-08P, DIR-300, DIR-300A, DSR-250N, DSR-500N, DSR-1000, DSR-1000N
  • Huawei: HG8245
  • Linksys: E1200, E2500, E3000, E3200, E4200, RV082, WRVS4400N
  • Mikrotik: CCR1009, CCR1016, CCR1036, CCR1072, CRS109, CRS112, CRS125, RB411, RB450, RB750, RB911, RB921, RB941, RB951, RB952, RB960,
  • RB962, RB1100, RB1200, RB2011, RB3011, RB Groove, RB Omnitik, STX5
  • Netgear: DG834, DGN1000, DGN2200, DGN3500, FVS318N, MBRN3000, R6400, R7000, R8000, WNR1000, WNR2000, WNR2200, WNR4000, WNDR3700,
  • WNDR4000, WNDR4300, WNDR4300-TN, UTM50
  • QNAP: TS251, TS439 Pro, and other QNAP NAS devices running QTS software
  • TP-Link: R600VPN, TL-WR741ND, TL-WR841N
Related Topics:
From Issue:

Like This Article?

If you enjoyed reading this article, get more like it. Become a Church Law & Tax member today.

Learn more

Already a member? .

View All
from our store
Church IT

Church IT

Learn how to find the best solutions when choosing software and hardware for your church.
Youth Ministry in a #MeToo Culture

Youth Ministry in a #MeToo Culture

Develop boundaries and a reporting structure that keeps your youth program safe for everyone.
Best Practices for Technology Usage

Best Practices for Technology Usage

Establish policies and best practices to govern the use of technology for church staff.
Church Board Guide to Developing a Risk Management Strategy

Church Board Guide to Developing a Risk Management Strategy

Learn how to develop and implement a risk management strategy in your church.

ChurchSalary

ChurchSalary

Experience a whole new way to set compensation. Eliminate the guesswork – get access to detailed compensation reports in just minutes.