The FBI’s Nonsensical Advice to Reboot Infected Routers


The gov’t is a dubious source of information about cyber security.  I have personal experience in this area…..

Rebooting an infected router will do NOTHING to stop this botnet.  Rebooting the router(and the FBI is aware of this) will only stop the active payload that can lunch attacks.  The payload that allows the re-infection of the device is still inside the devices firmware which will result in a re-infection of the device.  There is only one way to stop this infection, replace the device.
I have been warning about the sorry state of these small, office routers for some time.  The brands known to be infected at this time are Netgear, Linksys, and TP-link.  I am sure others are also infected because most of these brands are being shown over and over to suffer from significant security vulnerabilities.  This is why I have stopped recommending them and and now recommend either PFSense or a Ubiquiti Unifi firewall or the Ubiquiti Edge firewall.  PFsense and the Ubiquiti lines are actively built from the beginning with security in mind and…most importantly…are actively maintained with regular updates to guard against either discovered or potential security vulnerabilities.  Netgear, Linksys, Tp-link and others are either not maintained at all or after the first year updates are silently abandoned leaving millions of these abandoned devices hanging in front of networks just waiting to be compromised.  You can browse other articles I have posted about these cheap home and office routers here.
The recommended course of action for ALL networks(home and business) using Netgear, Draytek, Linksys, Belkin, TP-Link, Asus…just to name a few should REPLACE these routers ASAP.  ETC Maryland can help with your decision.  ETC Maryland can either help you replace your router and show you how to maintain it or ETC Maryland can, for a small monthly fee, do the maintenance and monitoring for you.
ETC Maryland is doing a review of all clients current firewall installations and if there is a potential or known issue you will be contacted.  If you are using a Sophos, PFSense, or a Ubiquiti product, and your device is maintained by ETC Maryland, your security is still good to go as these devices are kept up to date.
Pass this message along to everyone you know to dispell the myth that a reboot is going to solve the security problems these little cheap routers present.  The cheap routers are now a security liability.  Proper network security is an ongoing process.   Contact me for an evaluation of your current router to see if you have a security vulnerability waiting to happen.
I can be reached either at wwarren@etc-md.com or 301-524-5271.