Trend Micro: Defend Your NAS Devices Against Evolving Threats

Trend Micro: Defend Your NAS Devices Against Evolving Threats

The threats to the Internet of Things (IoT) are becoming more sophisticated as businesses more and more rely on these tools for continuous connectivity and access to data.

Due to the increasing popularity of these tools, hackers regularly update their routines and target NAS devices, which are commonly used by users to store and backup their files. Because of the lack of adequate security measures, they are vulnerable to attackers who know these tools often hold valuable information.

In its latest research paper, Trend Micro analyzed the current threats and recommendations for protecting NAS devices. Researchers also analyzed the various malware families that could infect NAS devices. Two of these included the REvil ransomware and the StealthWorker botnet.

After the REvil gang closed its operations, Trend Micro researchers discovered a Linux version of the ransomware called Revix. The researchers discovered four different variants of the ransomware, which all use a JavaScript Observed Notation-based configuration to set encryption parameters. All four variants had the capability to encrypt NAS devices since as early as May 2021, according to researchers.

In 2021, Trend Micro discovered a growing number of attacks against Synology NAS devices from the StealthWorker botnet. The attackers used this botnet to launch attacks against servers that are running on various products and systems, such as WooCommerce and WordPress. They also targeted web servers that use HTTP authentication and other NAS devices, for example, QNAP.

The vulnerability of NAS devices, which are typically connected to the Internet, and their increasing popularity have raised concerns about their security. Many users and businesses are vulnerable to exploitation, and more attacks are expected in the future.

Trend Micro advises following these best practices:

Avoid exposing a NAS device directly to the Internet
Rotate credentials for a NAS device; always change default credentials that come with the device
Enable two-factor authentication (2FA)
Regularly check NAS manufacturers’ security best practices and tips on how to help defend their devices against exposure on the internet.

To learn more about the various threats and solutions that can protect your NAS device, download Trend Micro’s paper Backing Your Backup: Defending NAS Devices Against Evolving Threats.”

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.