The ongoing cyberwar between the U.S. and China has a new front: The FBI is warning that certain internet routers are being "hijacked" by Chinese hackers.
"It could just be an everyday business or individual, and their device essentially could be turned into a platform for the Chinese government to attack U.S. interests, whether that's defense or the government," said Steven Adair, president of cybersecurity firm Volexity.
The FBI says the attacks target older routers with outdated security made by Cisco and NetGear. Hackers can secretly install malware, and use the routers to launch cyberattacks on critical U.S. infrastructure. The bureau announced this week that investigators took down "hundreds" of infected home and small business routers.
"Hackers are targeting our critical infrastructure, our water treatment plants, our electrical grid, our oil and natural gas pipelines, our transportation systems. And the risk that poses to every American requires our attention now," FBI Director Christopher Wray told a Congressional committee earlier this week. "China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real world harm to American citizens and communities."
Cyber experts say you can protect yourself by making sure your router gets regular updates. Check the settings to make sure remote access is turned off. And if the router is 10-15 years old, it may be time to buy a new one.
"It has a potential business impact of downtime. But, you know, the alternative is essentially someone stealing data, or ransomware," Adair told Scripps News. "They encrypt all your data and extort you."
It's not the only form of cyberattack linked to China: In December, Adair's company discovered Chinese hackers exploited technology made by Ivanti that lets workers log in remotely. The intrusion potentially exposes logins and passwords.
"That then enables them to steal documents, steal email, start accessing what other machines are connecting to, and basically can get at anything that an employee or other member of the organization can gain. So it can become basically a worst-case scenario for an organization," Adair said.
Federal agencies that use Ivanti systems, including the Department of Homeland Security, were given 48 hours to disconnect and install patches to keep hackers out.
If you believe your home or business router has been hacked, the FBI says you can make a report at www.ic3.gov.
White House announces cybersecurity warning label for devices
The Biden administration wants a "U.S. Cyber Trust Mark" on devices like major internet and bluetooth-connected electronics, warning about risks.
