5 Steps the FBI Wants You to Take to Secure Your Router Right Now
Key takeaways
- If you haven't thought about your home router since the day you set it up, the FBI would like a word.
- While that news sounds pretty alarming, it's worth keeping in mind that the attack compromised enterprise routers specifically, so your home Wi-Fi router likely isn't at risk.
- A news release from the NSA notes that the attack indiscriminately targeted a wide pool of routers, with the goal of gathering information on "military, government, and critical infrastructure."
If you haven't thought about your home router since the day you set it up, the FBI would like a word. Federal agencies, including the FBI and NSA, disclosed on April 7 that a unit of Russia's military intelligence directorate, the GRU group known as APT28 or Fancy Bear, has been systematically compromising home and small office routers since at least 2024, using the access to intercept credentials, authentication tokens and sensitive communications. The agency took the unusual step of remotely resetting thousands of affected US devices under a court order, but officials are warning that without action from individual router owners, the problem is far from solved.
The attack targeted small-office/home-office routers, also known as SOHO routers, and was carried out by a unit in the Russian military intelligence agency, the GRU. Government agencies are urging people to follow basic router hygiene steps, such as updating to the latest firmware and changing default login credentials. The UK's National Cyber Security Centre includes a number of TP-Link routers specifically targeted by the hackers.
While that news sounds pretty alarming, it's worth keeping in mind that the attack compromised enterprise routers specifically, so your home Wi-Fi router likely isn't at risk. That said, some of the affected routers can be used as standard home routers, so it's worth checking whether your model was exploited in the attack.