July Edition From the Technical Coordinator From the Section Emergency Coordinator From the Affiliated Club Coordinator From the Public Information Coordinator From the Section Traffic Manager Out and About From the Educational Outreach ARES Training Update From the Official Observer Coordinator Handbook Give Away DMR Fun Things To Do, Classes & Hamfests Too Weather Underground Stations Club Corner Final.. Final.. From the Technical Coordinator Jeff Kopcak – K8JTK TC
[email protected] Hey Gang, Around the time of Dayton, the FBI asked everyone to reboot their routers. Why would they do that? Over the last two years more than 500,000 consumer and small business routers in 54 countries have become infected with a piece of malware called “VPNFilter.” This sophisticated malware is thought to be the work of a government and somewhat targeted with many of the infected routers located in Ukraine. Security researchers are still trying to determine what exactly VPNFilter was built to do. So far, it is known to eavesdrop on Internet traffic grabbing logon credentials and looking for specific types of traffic such as SCADA, a networking protocol controlling power plants, chemical plants, and industrial systems. Actively, it can “brick” the infected device. Src: Cisco’s Talos Intelligence Group Blog Bricking is a term to mean ‘render the device completely unusable’ and being as useful as a brick. In addition to these threats, this malware can survive a reboot. Wait, didn’t the FBI ask all of us to reboot our routers? Won’t that clear the infection? No. In order for this malware to figure out what it needs to do, it reaches out to a command-and-control server.