Backups move into cybercriminals' sights
According to a study by Trend Micro, inadequately protected network storage has recently become an increasing target for cybercriminals. If in doubt, a NAS should not necessarily be shared with the outside world.
So-called network-attached storage devices are usually targeted by attackers for two reasons. Security updates are usually optional for users, and users or companies often unknowingly share their inadequately protected NAS devices for access to the Internet, making it easier for cyber crooks to track down the NAS devices.
According to a Study by Trend Micro NAS devices have recently been particularly affected by well-known ransomware families such as REvil, Qlocker or various botnets are affected. Targeted attacks (for example, by the QSnatch malware) are a particular threat. Best practices primarily include protection against cyberattacks. To this end, the study makes the following recommendations:
- Never connect NAS devices directly to the Internet
- Regularly change the access and security data of all connected devices. Never use the preset default passwords of the devices
- Activation of two-factor authentication (2FA), if available
- Uninstall unused services, for example, unneeded software and applications
- Regularly review NAS vendors' online security guides to provide additional protection from attackers
Editor's note: As far as the first point is concerned, the user or the company should definitely not simply release services to the outside world, but rely on additional protection factors such as a VPN.
Source: Trend Micro
