The VPNFilter Attack and Beyond: 3 Ways to Stay Safe in a Scary Cyber Security Climate

Small business owners have been on high alert since last month, when the FBI announced that VPNFilter has infected over half a million consumer devices—and recent reports suggest the attack was on an even bigger scale than initially thought. The malware menace is reportedly the handiwork of a ring of Russian state-sponsored hackers that goes by multiple names, including “Fancy Bear” and the “Sofacy Group”—the same cyber crime syndicate accused of tampering with the election during the 2016 United States presidential race.

The group’s latest cyber strike is just as sophisticated as you would imagine.Though experts are still trying to learn all that VPNFilter is designed to do, the malware is clearly capable of committing two damaging actions: stealing website credentials and issuing a self-destruct command, rendering infected devices inoperable. The hackers’ methods have stumped researchers, who are not yet sure how 500,000 devices were infected with VPNFilter.

Worse still, new findings suggest the malware can even attack endpoints behind your firewall—so don’t assume you’re in the clear until you know for certain you weren’t affected.

Running a small business can be stressful enough—and cyber threats like VPNFilter don’t make it any easier. In an uncertain world, here are three surefire ways to strengthen your cyber security and protect your business from harm.

Assess any damage

While some attacks leave your device completely and obviously unusable, others can lurk undetected for months or even years—quietly collecting a devastating amount of sensitive data. It’s important to determine if and how your device has been infiltrated by hackers before you move forward with preventative measures.

In the case of VPNFilter, signs of infection can be unclear. But if you own a Mikrotik cloud core router, or a Linksys, NetGear, TP-Link, or Qnap device (find a complete list of known infected models here) and it’s connected to the internet, you should reboot (or unplug, wait a few seconds, then replug) the device as soon as possible. This should wipe part of the infection, if there is one.

Fight fire with firewall

Your network’s first line of defense against cyber attacks, like VPNFilter, is its firewall.

Think of the firewall as a moat protecting your network. A firewall cluttered with unnecessary objects and long disabled rules is like a murky moat—the alligators can’t detect threats as well as they should. For this reason, it’s important to regularly cleanse your firewall of ineffective policies .

The only thing stronger than a clean and simple firewall? A firewall supported by a router. Though some of their capabilities overlap, a router can perform actions that a firewall can’t and vice versa. Always place a router behind a firewall.

Since some particularly sneaky malware like VPNFilter can get behind your firewall, it’s important to remain vigilant. Comprehensive monitoring and management can help keep your business safe from even the most malicious attacks.

can link to other post on cleaning up your firewall when it’s live

Trust the professionals

Small staffs of overextended employees make small businesses especially vulnerable to attack. If treating VPNFilter infected devices and streamlining complex firewall configurations sounds outside of your time constraints or job description, you’ve come to the right place.

The IT security specialists at eMazzanti are here to help every step of the way—from finding the perfect firewall for your small business to offering 24/7 network monitoring to keep your data away from prying eyes.

It’s a scary cyber security climate. But knowledge of your device or network status, proper firewall maintenance, and guidance from the pros can help protect your business from dangerous threats. Contact eMazzanti today to find out more about our firewall and security services.