The threats to the Internet of Things (IoT) are becoming more sophisticated as businesses more and more rely on these tools for continuous connectivity and access to data.
Due to the increasing popularity of these tools, hackers regularly update their routines and target NAS devices, which are commonly used by users to store and backup their files. Because of the lack of adequate security measures, they are vulnerable to attackers who know these tools often hold valuable information.
In its latest research paper, Trend Micro analyzed the current threats and recommendations for protecting NAS devices. Researchers also analyzed the various malware families that could infect NAS devices. Two of these included the REvil ransomware and the StealthWorker botnet.
In 2021, Trend Micro discovered a growing number of attacks against Synology NAS devices from the StealthWorker botnet. The attackers used this botnet to launch attacks against servers that are running on various products and systems, such as WooCommerce and WordPress. They also targeted web servers that use HTTP authentication and other NAS devices, for example, QNAP.
The vulnerability of NAS devices, which are typically connected to the Internet, and their increasing popularity have raised concerns about their security. Many users and businesses are vulnerable to exploitation, and more attacks are expected in the future.
Trend Micro advises following these best practices:
Avoid exposing a NAS device directly to the Internet
Rotate credentials for a NAS device; always change default credentials that come with the device
Enable two-factor authentication (2FA)
Regularly check NAS manufacturers’ security best practices and tips on how to help defend their devices against exposure on the internet.
To learn more about the various threats and solutions that can protect your NAS device, download Trend Micro’s paper “Backing Your Backup: Defending NAS Devices Against Evolving Threats.”