Network devices are regularly the target of brute force attacks and ransomware attacks. Anyone who does not have their security settings in order risks being attacked by hackers. QNAP, therefore, advises its customers to immediately check all settings.
So writes QNAP, the Taiwanese manufacturer of network and storage equipment, in a so-called Product Security Statement published Friday.
Check security settings
The manufacturer recommends that everyone check whether their storage system or Network Attached Storage (NAS) is accessible via the Internet. This can be checked via the Security Counselor on their network and storage device. Users are notified that they are at ‘medium risk’. Next to an exclamation point in an orange circle, the dashboard reads: “The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP.”
If that’s the case, customers need to fix it as soon as possible to protect their data. They only have to go through two steps to do this. First of all, they need to adjust the Port Forwarding Settings for their NAS within the router. By default, the ports are 8080 and 433 on QNAP storage systems. In addition, customers are advised to disable UPnP within myQNAPcloud for their NAS.
UPnP stands for Universal Plug & Play and allows devices on your network to open and close ports when they connect to each other. Simply put, UPnP ensures that you do not have to install each device separately, but that an automatic connection is made.
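The two steps above can be verified from the router side. The following is an added example, not code from QNAP or the original article: it parses a port-mapping listing in the layout printed by the miniupnpc command `upnpc -l` and reports every mapping that forwards to the NAS. The listing layout, the sample data and the NAS address 192.168.1.50 are assumptions constructed for illustration.

```python
import re

# Management ports as given in the article; change them to the ports your NAS actually uses.
MGMT_PORTS = {8080, 433}

# One mapping row in the assumed `upnpc -l` layout:
#   index  protocol  external_port->internal_ip:internal_port  'description' ...
ROW = re.compile(
    r"^\s*(?P<idx>\d+)\s+(?P<proto>TCP|UDP)\s+(?P<ext>\d+)->"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<int>\d+)\s+'(?P<desc>[^']*)'"
)

def parse_mappings(listing):
    """Return one dict per port mapping found in the listing; other lines are skipped."""
    rows = []
    for line in listing.splitlines():
        m = ROW.match(line)
        if m:
            rows.append({
                "proto": m["proto"], "external": int(m["ext"]),
                "ip": m["ip"], "internal": int(m["int"]), "desc": m["desc"],
            })
    return rows

def audit(listing, nas_ip, mgmt_ports=MGMT_PORTS):
    """Return every mapping that points at the NAS, management ports first."""
    hits = [r for r in parse_mappings(listing) if r["ip"] == nas_ip]
    for r in hits:
        # The internal port decides; the external port may be remapped.
        r["management"] = r["proto"] == "TCP" and r["internal"] in mgmt_ports
    return sorted(hits, key=lambda r: (not r["management"], r["external"]))

# Constructed sample listing (not captured from a real router).
SAMPLE = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP  8080->192.168.1.50:8080  'NAS Web Admin' '' 0
 1 TCP 50433->192.168.1.50:433   'NAS Secure Admin' '' 0
 2 UDP  3074->192.168.1.77:3074  'Game console' '' 0
 3 TCP  6881->192.168.1.50:6881  'File transfer' '' 0
"""

if __name__ == "__main__":
    for r in audit(SAMPLE, "192.168.1.50"):
        tag = "MANAGEMENT EXPOSED" if r["management"] else "forwarded"
        print(f'{tag}: {r["proto"]} {r["external"]} -> {r["ip"]}:{r["internal"]} ({r["desc"]})')
```

An empty result after disabling UPnP and removing the manual port-forwarding rules means the router no longer forwards anything to the NAS.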
‘All network equipment’ potential target of hackers
QNAP recommends that customers implement the above as soon as possible. If they don’t, they risk becoming the target of brute force attacks or ransomware attacks. In a brute force attack, cybercriminals try to hack into accounts by entering an unlimited number of username and password combinations. In a ransomware attack, hackers install ransomware on a device in the hope of getting a ransom for the decryption key.
QNAP does not say whether the company’s equipment has been targeted more often by hackers lately or not. The manufacturer only says that hackers target ‘all network equipment’, not QNAP in particular.
Synology also warns customers of the danger of brute force attacks
Late last year, stories surfaced that NAS devices were increasingly affected by eCh0raix ransomware. This software allowed hackers to take over network equipment with administrator rights. Several customers of QNAP and Synology reported this on the forum of the tech site BleepingComputer.
Speaking of Synology, the Taiwanese company warned customers last August that hackers were conducting brute force attacks through a botnet called StealthWorker. The company worked closely with Computer Emergency Response Teams to take down the infrastructure behind StealthWorker. System administrators were advised to change weak passwords and enable multi-factor authentication (MFA) or two-step verification.