NSA Issues Urgent Alert: Reboot Your Internet Router Now
The National Security Agency issued an urgent alert urging Americans to reboot their internet routers immediately. Federal partners joined the warning amid a rise in attacks on home networks.
What federal investigators say
Officials say Russia’s GRU is exploiting vulnerable routers around the world. The agency identified activity tied to the 85th Main Special Service Center, also called 85th GTsSS.
Those actors use aliases such as APT28, Fancy Bear, and Forest Blizzard. They have collected credentials and compromised small-office and home-office routers.
Known vulnerability and targets
Investigators linked some intrusions to TP-Link devices. The attacks used a flaw tracked as CVE-2023-50224.
The GRU has targeted information tied to military, government, and critical infrastructure. The campaign affected a wide pool of US and global victims.
Immediate steps for users
Experts advise that you reboot your router now to reduce active risk. Users should follow additional hardening steps for all network equipment.
- Change default usernames and passwords on routers and devices.
- Disable remote management interfaces exposed to the internet.
- Update router firmware to the latest vendor releases.
- Replace devices that have reached end-of-support.
- Pay attention to certificate warnings in browsers and email.
- Back up important data and disconnect devices when not in use.
- Restrict administrative access to the internal network only.
Reporting suspected intrusions
If you suspect compromise, report the activity to your local FBI field office. You can also file a complaint with the Internet Crime Complaint Center.
Organizations should follow their internal incident reporting rules. Prompt reporting helps authorities track and disrupt the threat.
Filmogaz.com will monitor updates from the NSA and federal partners. We will publish further guidance as new details become available.
