New study shows increased cyber attacks on Network Attached Storage (NAS) devices. A study by Trend Micro shows. that backups are increasingly being targeted by cybercriminals and gives recommendations for defense.
Trend Micro, one of the world's leading providers of cybersecurity solutions, publishes a detailed study that reveals emerging threats to Network Attached Storage (NAS) devices. Cybercriminals take advantage of the fact that insufficiently protected devices are connected to the Internet, making them easier to find. Backups on it are a target.
Web-connected devices targeted
Users and businesses increasingly rely on the Internet of Things (IoT) for connectivity and access to information. Along with this, there is an increasing demand for tailor-made features and a continuous connection to the Internet – a requirement to which the manufacturers of NAS devices are responding. At the same time, cybercriminals are also taking notice of these developments and are increasingly directing their attacks towards these networked devices.
NAS devices are primarily targeted by attackers for two reasons. Implementing security measures in the devices is still optional and they also contain valuable information as they are used for both storing and securing data. In addition, users and businesses unknowingly expose their insufficiently protected NAS devices to access the Internet, making them easier for criminals to find.
NAS and storage at many SMEs
“NAS systems are faithful workhorses in many environments that get the job done without a hitch. But that is precisely why they are regularly forgotten,” warns Udo Schneider, IoT Security Evangelist Europe at Trend Micro. “Unfortunately, these devices are only neglected from a security point of view: They do not receive any patches, the AAA principle (authentication, authorization and accounting) is hardly applied and in many cases not even the standard password is changed. All of this makes them tempting targets for cybercriminals.”
In particular, threats to NAS devices come from well-known ransomware families such as REvil and Qlocker, botnets such as StealthWorker, and cryptominers such as UnityMinder and Dovecat. However, targeted attacks, for example by the QSnatch malware, also pose a threat to them.
REvil, Qlocker, StealthWorker and Cryptominer
NAS devices are a crucial part of storage and backup strategies for businesses and individuals. It is therefore important to comprehensively protect these devices against cyber attacks with modern best practices. The study makes the following recommendations for protecting NAS devices:
- Never connect NAS devices directly to the Internet.
- Regularly changing the access and security data of all connected devices. Never use the devices' default default passwords.
- Enabling two-factor authentication (2FA) when available.
- Uninstall unused services, such as software and applications you don't need.
- Regularly checking the online security guides of the NAS manufacturers to ensure additional protection against attackers.
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.