A number of reports are currently circulating that claim that the FBI is asking users to reboot their routers as a means of combating a malware threat.
The claims in the reports are true. The FBI is indeed recommending that users reboot their home or office routers.
The FBI has published an official public service announcement in which it makes the reboot recommendation and outlines the reason why. The announcement notes in part:
The FBI recommends any owner of small office and home office routers reboot the devices to temporarily disrupt the malware and aid the potential identification of infected devices. Owners are advised to consider disabling remote management settings on devices and secure with strong passwords and encryption when enabled. Network devices should be upgraded to the latest available versions of firmware.
The US Department of Justice has also published a press release with information on the reboot request.
Complying with the FBI’s recommendation is a fairly easy task that should only take a few minutes for most users.
For those seeking more detailed information, Ars Technica has published a comprehensive analysis of the FBI’s recommendation and the malware involved.
It is likely that not all router models are vulnerable to the malware attack. However, it remains somewhat uncertain which models may have been affected and that is why The FBI has called for all routers to be rebooted. The Ars Technica report notes:
Authorities and researchers still don’t know for certain how compromised devices are initially infected. They suspect the attackers exploited known vulnerabilities and default passwords that end users had yet to patch or change. That uncertainty is likely driving the advice in the FBI statement that all router and NAS users reboot, rather than only users of the 14 models known to be affected by VPNFilter