Network attached storage (NAS) vendors are urging consumers that own a NAS to ensure that their security protocols are up-to-date and passwords strong. The warning comes after a couple of brands reported ransomware attacks being carried out on their products.
One such vendor happens to be Taiwan-based QNAP. Specifically, the brand sent out the warning to its customers after ransomware known as “eCh0raix” was discovered. What makes this particular ransomware exceedingly dangerous to QNAP NAS’ is that – according to Anomali, the security firm that discovered the malware – it was designed to specifically target QNAP’s list of network-based storages.
Synology is another vendor who recently urged its consumers to do the same. However, unlike its competitor, Synology’s press release about the ransomware attack appeared vague. The company simply stated that several of its customers reported being victims of brute-force login attacks by hackers, who then proceeded to encrypt the data stored inside their NAS.
For QNAP NAS users who have become a victim of “ech0Raix”, the company says that it’s currently working on a solution that will remove the malware and that it will release it at the “soonest possible time”. In the mean time, it would be prudent for NAS owners to listen to the companies’ and take necessary measures to properly secure their NAS.
For QNAP NAS users, this includes installing and update the brand’s Malware Remover, enabling Network Access Protection, and disabling SSH and Telnet, among other things. Also, it’s would be best to avoid using ports 443 and 8080 for the time being.
As for Synology users, the brand is more or less advising the same thing; this includes creating a new account in the administrator group and then disabling the system default “admin” account. As well as enabling Auto Block in your NAS’ Control Panel to block out IP addresses that fail the login process too many times.