The malware "VPNFilter" was discovered in May, and it quickly became evident that it was wide-reaching and dangerous. Now that the infection has had time to spread, however, we are starting to appreciate exactly how dangerous it is.
A Huge Number of Vendors Affected
The list of affected devices is, essentially, a who’s who of router makers. Asus, D-Link, ZTE, Huawei, UPVEL and Ubiquiti are all on the list, as well as TP-Link, Linksys, Netgear, and numerous other manufacturers. The only piece of good news, so far, is that the vulnerable pieces of equipment have all been found to be either consumer or SOHO-grade items.
More Damage, and Escalating Attacks
Upon discovery, the malware had hijacked around half a million devices, and the damage seemed to be limited. However, it now appears that this early set of infections was merely a dry run for the authors to determine whether there were sufficient vulnerable devices to make the job of controlling them worthwhile. Now that the developers know that there is a wealth of vulnerable hardware out there, they have upped their game, and VPNFilter is attacking endpoints that are behind the firewall, as well as bricking infected devices if they are of limited use.
At a time when big data should be focusing on analysing important issues, such as the performance of Germany in the World Cup, it’s unfortunate that the focus has turned to malware once again. We have the processing power to use screen analysis and statistical analysis in powerful ways. Hopefully, now that the original VPNFilter domain has been seized by the FBI, the usual big data fun can resume.