Blog

Vulnerability Leads to the Deletion of All Data on My Book NAS Devices

Vulnerability Leads to the Deletion of All Data on My Book NAS Devices

Nothing is more frustrating than going to log into your device and finding out that you either cannot access it or that files you thought were there have been wiped. Unfortunately, this is the situation that many users of a specific device have recently gone through. Thanks to an unpatched vulnerability, users of Western Digital’s My Book network-attached storage device are suffering from lost files and lost account access stemming from remote access.

The Western Digital My Book NAS device gives users the ability to remotely access their files, even if the NAS device is secured with a firewall or router. Essentially it is a consumer-based external hard drive that you could potentially access from outside your home network. Bleeping Computer reports that some users cannot access their devices due to what appears to be a factory reset, and they received an “Invalid Password” notification upon login. Some users have tried using the default login credentials, too, but to no avail. 

After a little digging on the users’ end, they discovered that their devices received a remote command to perform a factory reset. Bleeping Computer calls this attack an odd one as far as remote attacks go, mostly because the device targeted is secured behind a firewall and communications funnel through the My Book Live cloud servers. This has led some users to believe that the Western Digital servers were hacked, but it is odd that the extent of the damage is only deleted files rather than installed ransomware or other threats.

Although Western Digital is investigating the attack, Bleeping Computer does detail a statement issued by the company, stating the following:

  • “If you own a WD My Book Live NAS device, Western Digital strongly recommends that you disconnect the device from the Internet. ‘At this time, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet to protect your data on the device,’ Western Digital said in an advisory.”

These WD My Book Live Devices have not received updates since 2015, so vulnerabilities are not entirely unexpected. However, this is more or less a wakeup call for those who have been considering an upgrade for the device. In general, you don’t want to utilize devices that are not actively being supported by the manufacturer, as failing to receive said security updates could result in situations like the one we’ve detailed above. You should also make sure that you are deploying said updates as they are released, as not doing so is the equivalent of using unsupported technology solutions. Remember, it is your responsibility to protect your data!

It’s also imperative that you always store all of your important data on at least two separate devices, or even three for most businesses. Since the device in this case was an external hard drive, hopefully the majority of users were using it as a backup, but we’re afraid that isn’t always going to be the case. Don’t rely on a single drive to store your data!

Need a Hand with Updates and Maintenance?

If your business is ready to start taking its technology updates seriously, White Mountain IT Services can help you deploy updates or potentially even upgrade to new hardware to minimize the odds of security issues arising. To learn more about how we can help you keep your infrastructure as secure as possible, give us a call at 603-889-0800.

By accepting you will be accessing a service provided by a third-party external to https://www.whitemtn.com/

Related Posts

Smartphones may have been some of the first Internet-connected mobile devices, but they are still as vulnerable to attack as ever. This is especially true for those who forsake any sort of mobile device security policy. With modern businesses utilizi...
Today’s headlines are dominated by stories of major companies getting hacked, making the average computer user feel uneasy about their security. If you’re solely dependent on a measly password to protect you from hackers, then you’ve got good reason ...
The online world is a scary place. Viruses, malware, spyware, adware, and more are all out there trying to get at your network. These threats are almost always prevalent, but compared to each other, some are vastly superior and far more dangerous and...
It’s the nature of technology to grow more complex over time, and as it does, the types of threats grow alongside it. Security is now more important than ever before, and if your business is not prepared to handle the threats that lurk in the shadows...
Even the most innocent Internet user can fall victim to the stray hacking attack, and it’s all thanks to the manner in which malware reverse-engineers software. This process is how a hacker finds vulnerabilities in software. However, a new security c...
Accessibility and mobility are important parts of a business’s data infrastructure. To this end, some businesses take advantage of a Virtual Private Network (VPN), which has the power to extend a personal network over a private network like the Inter...
Most hacking attacks are the result of a flaw or vulnerability found within the code of a program or operating system, but we rarely take into account the ones that don’t. Hackers often take advantage of the human side of hacking as well, a process k...
Just like Silk Road (the illegal online black market designed to smuggle drugs around the world), there exists an online trade for zero-day exploits. Unsurprisingly, hackers find it exceptionally lucrative to sell these exploits for profit. Now, ther...
When you think of the Internet of Things, does your mind immediately wander into the realm of connected devices that change the way we interact with each other? Or, does it consider the security issues that can potentially become a threat to your ent...
Network security entails a ton of different procedures, and it can be easy to lose track of what you’ve already implemented, and what still needs to be done. Instead of worrying about keeping your business’s confidential data safe, know with certaint...
It might seem like the obvious reason for hacks and data loss is due to technology being unpredictable, but in all reality, it’s important to remember that some of the problems we experience with technology come from the people operating it. To this ...
People use and reuse old passwords time and again, and then they get two-factor authentication to augment their fifteen-character passwords. Wouldn’t it be great if your computer could recognize you just by how well you recognize others?...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our office in NH.  We will manage a local vendor for locations outside of our service area to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services
33 Main Street, Suite 302
Nashua, New Hampshire 03064

 

603-889-0800

map nashua4 1

 

Open Positions