The U.S. Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) released a joint Technical Alert about malicious cyber activity carried out by the Russian Government.
Russia is being accused by UK and U.S. authorities in a joint cybersecurity alert, of a massive campaign to undermine the security of firewalls and routers in a bid to support future attacks.
“The activity highlighted today is part of a repeated pattern of disruptive and harmful malicious cyber action carried out by the Russian government,” FBI deputy assistant director Howard Marshall said in a statement online.
“As long as this type of activity continues, the FBI will be there to investigate, identify and unmask the perpetrators, in this case, the Russian government.” he said. “We do not make this attribution lightly and will hold steadfast with our partners.”
Since 2015, authorities have been informed about “cyber actors” taking advantage of compromised residential routers and switches around the world.
These “cyber actors” are identifying vulnerable devices to pierce, where they can obtain device configurations, harvest login credentials, and control the traffic that goes through the compromised routers.
“Russia is our most capable hostile adversary in cyberspace...
...so tackling them is a major priority for the National Cyber Security Centre and our U.S. allies,” Ciaran Martin, CEO of the National Cyber Security Centre, said in a statement.
“This is the first time that in attributing a cyber attack to Russia the U.S. and the UK have, at the same time, issued joint advice to industry about how to manage the risks from the attack. It marks an important step in our fight back against state-sponsored aggression in cyberspace.”
“Many of the techniques used by Russia exploit basic weaknesses in network systems. The NCSC is leading the way globally to automate defenses at scale to take away some of those basic attacks, thereby allowing us to focus on the most potent threats,” Martin added.
What can you do to protect your router?
Update your router to the latest manufacturer firmware. If you use a CentraCom cable or DSL modem as a router, then you’ll need the do nothing. If you need assistance with your non-CentraCom router, we would be happy to assist with a password change or firmware update
CentraCom uses two cable modem with wifi enabled routers: Arris DG1670A, Motorola SBR6580 (Arris Router). All are similar to access the wifi setting to modify Network Name and key (also known as password).
To begin, be sure to use a computer that is connected to the modem.
- Launch web browser and put in the Internal IP Address (192.168.0.1) in the Address Bar of your browser
- Enter the username and password in the dialog box that pops up
- Username is: admin
- For Arris 1670 model password is: password;
- For Motorola 6580 model password is: motorola;
- Use the tabs at top or left of page to navigate to the wireless setting options and set up the information desired
If you are unsure or need help to set this up, please call the support number at 1-800-427-8449.
If you are using CentraWiFi Router, the screen on the base unit will show if a firmware update is available. Please follow the on-screen instructions, or use the mobile app to update the router firmware and network settings.