Trend Micro has published a study that reveals new threats to network attached storage (NAS) devices. Cybercriminals take advantage of the fact that insufficiently protected devices are connected to the Internet and thus become easier for them to find. […]
Users and businesses are increasingly reliant on the Internet of Things (IoT) to ensure connectivity and access to information. Along with this, the demand for tailor–made features and a consistent connection to the Internet is increasing – a requirement to which the manufacturers of NAS devices are responding. At the same time, cybercriminals are also taking note of these developments and are increasingly focusing their attacks on these networked devices.
NAS devices are primarily targeted by attackers for two reasons. The implementation of security measures in the devices is still optional and they also contain valuable information, as they are used both for storing and backing up data. In addition, users and companies unknowingly release their insufficiently protected NAS devices to access the Internet, which makes them easier for criminals to find.
“NAS systems are often neglected”
“In many environments, NAS systems are loyal workhorses that perform their tasks without any problems. However, this is precisely why they are regularly forgotten,“ warns Udo Schneider, IoT Security Evangelist Europe at Trend Micro. “Unfortunately, from a security point of view, these devices are then only neglected: they do not receive any patches, the AAA principle (authentication, authorization and billing) is hardly used and in many cases not even the default password is changed. All this makes them tempting targets for cybercriminals.“
Threats to NAS devices come in particular from well-known ransomware families such as REvil and Qlocker, botnets such as StealthWorker and cryptominers such as UnityMinder and Dovecat. But targeted attacks, for example by the malware QSnatch, also pose a danger to you.
NAS devices are a crucial part of storage and backup strategies for businesses and individuals. That is why it is important to comprehensively protect these devices from cyber attacks with modern best practices. The study gives the following recommendations for the protection of NAS devices:
- Never connect NAS devices directly to the Internet.
- Regularly changing the access and security data of all connected devices. Never use the preset default passwords of the devices.
- Activation of two-factor authentication (2FA), if available.
- Uninstalling unused services, such as unneeded software and applications.
- Regularly checking the online security guides of the NAS manufacturers to ensure additional protection against attackers.