Vulnerability Leads to the Deletion of All Data on My Book NAS Devices
Nothing is more frustrating than going to log into your device and finding out that you either cannot access it or that files you thought were there have been wiped. Unfortunately, this is the situation that many users of a specific device have recently gone through. Thanks to an unpatched vulnerability, users of Western Digital’s My Book network-attached storage device are suffering from lost files and lost account access stemming from remote access.
The Western Digital My Book NAS device gives users the ability to remotely access their files, even if the NAS device is secured with a firewall or router. Essentially it is a consumer-based external hard drive that you could potentially access from outside your home network. Bleeping Computer reports that some users cannot access their devices due to what appears to be a factory reset, and they received an “Invalid Password” notification upon login. Some users have tried using the default login credentials, too, but to no avail.
After a little digging on the users’ end, they discovered that their devices received a remote command to perform a factory reset. Bleeping Computer calls this attack an odd one as far as remote attacks go, mostly because the device targeted is secured behind a firewall and communications funnel through the My Book Live cloud servers. This has led some users to believe that the Western Digital servers were hacked, but it is odd that the extent of the damage is only deleted files rather than installed ransomware or other threats.
Although Western Digital is investigating the attack, Bleeping Computer does detail a statement issued by the company, stating the following:
- “If you own a WD My Book Live NAS device, Western Digital strongly recommends that you disconnect the device from the Internet. ‘At this time, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet to protect your data on the device,’ Western Digital said in an advisory.”
These WD My Book Live Devices have not received updates since 2015, so vulnerabilities are not entirely unexpected. However, this is more or less a wakeup call for those who have been considering an upgrade for the device. In general, you don’t want to utilize devices that are not actively being supported by the manufacturer, as failing to receive said security updates could result in situations like the one we’ve detailed above. You should also make sure that you are deploying said updates as they are released, as not doing so is the equivalent of using unsupported technology solutions. Remember, it is your responsibility to protect your data!
It’s also imperative that you always store all of your important data on at least two separate devices, or even three for most businesses. Since the device in this case was an external hard drive, hopefully the majority of users were using it as a backup, but we’re afraid that isn’t always going to be the case. Don’t rely on a single drive to store your data!
Need a Hand with Updates and Maintenance?
If your business is ready to start taking its technology updates seriously, White Mountain IT Services can help you deploy updates or potentially even upgrade to new hardware to minimize the odds of security issues arising. To learn more about how we can help you keep your infrastructure as secure as possible, give us a call at 603-889-0800.