The FBI warned that some internet routers are being "hijacked" by Chinese hackers. "It could just be an everyday business or individual, and their device essentially could be turned into a platform for the Chinese government to attack U.S. interests, whether that's defense or the government," said Steven Adair of cybersecurity firm Volexity. The FBI says the attacks target older routers with outdated security made by Cisco and NetGear. Hackers can secretly install malware, and use the routers to launch cyberattacks on critical U.S. infrastructure, Scripps News reports. The bureau said investigators took down "hundreds" of infected home and small business routers. "Hackers are targeting our critical infrastructure, our water treatment plants, our electrical grid, our oil and natural gas pipelines, our transportation systems. And the risk that poses to every American requires our attention now," said FBI Director Christopher Wray. "China's hackers are positioning on American infrastructure in preparation to wreak havoc and cause real world harm to American citizens and communities."
Cyber experts say people should make sure routers get regular updates. They recommended checking the settings to make sure remote access is turned off. If the router is 10-15 years old, it may be time to buy a new one. "It has a potential business impact of downtime. But, you know, the alternative is essentially someone stealing data, or ransomware," Adair said. "They encrypt all your data and extort you." It's not the only form of cyberattack linked to China: In December, Adair's company discovered Chinese hackers exploited technology made by Ivanti that lets workers log in remotely. The intrusion potentially exposes logins and passwords. "That then enables them to steal documents, steal email, start accessing what other machines are connecting to, and basically can get at anything that an employee or other member of the organization can gain. So it can become basically a worst-case scenario for an organization," Adair said. Federal agencies that use Ivanti systems, including the Department of Homeland Security, were given 48 hours to disconnect and install patches to keep hackers out.