The ongoing cyberwar between the U.S. and China has a new battleground: The FBI is alerting the public that certain internet routers are being "hijacked" by Chinese hackers.
An everyday business or individual’s device could be hijacked and transformed into a platform for the Chinese government to launch attacks on U.S. interests, including defense and government targets.
The FBI reports that the attacks target older routers with outdated security features, specifically those made by Cisco and Netgear. Hackers can clandestinely install malware on these routers and use them to launch cyberattacks on critical U.S. infrastructure. The bureau announced this week that investigators dismantled "hundreds" of infected home and small business routers.
"Hackers are targeting our critical infrastructure: water treatment plants, the electrical grid, oil and natural gas pipelines, and transportation systems. The risk this poses to every American requires our immediate attention," FBI Director Christopher Wray told a Congressional committee earlier this week. "Chinese hackers are positioning themselves within American infrastructure to potentially wreak havoc and cause real-world harm to American citizens and communities."
Cyber experts recommend protecting yourself by ensuring your router receives regular updates, and if your router is 10-15 years old, it may be time to replace it. Rio's next-generation router, for example, automatically prevents unauthorized device connections from accessing your network, encrypts your device connections, including your smart home and IoT devices, with its built-in VPN, and isolates approved devices to dedicated SecureRooms.
"There is a potential business impact of downtime. But the alternative is essentially someone stealing data or deploying ransomware," Adair told Scripps News. "They could encrypt all your data and extort you."
This isn't the only form of cyberattack linked to China: In December, Adair's company discovered that Chinese hackers exploited technology made by Ivanti, which allows workers to log in remotely. This intrusion potentially exposes logins and passwords.
"That then enables them to steal documents, emails, start accessing other machines, and essentially get at anything that an employee or member of the organization can access. It can become a worst-case scenario for an organization," Adair explained.
Federal agencies that use Ivanti systems, including the Department of Homeland Security, were given 48 hours to disconnect and install patches to keep hackers out.
If you suspect your home or business router has been hacked, the FBI advises reporting it at www.ic3.gov.